A long time ago, John said something like, "It is not the sender's business
whether I forward my mail or where I send it." Later, Laura expressed
concern about malicious actors trying to obtain forwarding data to
facilitate stalking. I have found these arguments persuasive, and it
fits well wi
On Mon 24/Oct/2022 22:30:06 +0200 Douglas Foster wrote:
If there is detailed ARC reporting, the only target should be the forwarder, as
the message originator and domain owner are not parties to the ARC process.
Consequently, ARC reporting cannot be part of the aggregate report going to the
do
& Messaging Policy
>
> Comcast
>
> *From:* dmarc *On Behalf Of * Dotzero
> *Sent:* Monday, October 24, 2022 12:36 PM
> *To:* dmarc@ietf.org
> *Subject:* Re: [dmarc-ietf] Aggregate Reporting - "Not Evaluated" result
>
> On Mon
marc@ietf.org
Subject: Re: [dmarc-ietf] Aggregate Reporting - "Not Evaluated" result
On Mon, Oct 24, 2022 at 5:47 AM Alessandro Vesely <ves...@tana.it> wrote:
On Sun 23/Oct/2022 14:16:30 +0200 Dotzero wrote:
> On Sun, Oct 23, 2022 at 6:29 AM Alessandro Vesely
> mai
On Mon 24/Oct/2022 18:36:07 +0200 Dotzero wrote:
On Mon, Oct 24, 2022 at 5:47 AM Alessandro Vesely wrote:
On Sun 23/Oct/2022 14:16:30 +0200 Dotzero wrote:
On Sun, Oct 23, 2022 at 6:29 AM Alessandro Vesely wrote:
On Sat 22/Oct/2022 18:25:55 +0200 Dotzero wrote:
[...]
ARC too is a kind of una
On Mon, Oct 24, 2022 at 5:47 AM Alessandro Vesely wrote:
> On Sun 23/Oct/2022 14:16:30 +0200 Dotzero wrote:
> > On Sun, Oct 23, 2022 at 6:29 AM Alessandro Vesely
> wrote:
> >> On Sat 22/Oct/2022 18:25:55 +0200 Dotzero wrote:
> >>> Unaligned signatures are orthogonal/irrelevant to DMARC. They may
I continue to object to the notion that unaligned domains are relevant to
DMARC reporting, even on a "conditionally useful" basis.
This has become a scope issue: what does DMARC do for domain owners? My
answer:
DMARC defines an approach to proxy verification of the FROM address, using
SPF-veri
On Sun 23/Oct/2022 17:51:24 +0200 Murray S. Kucherawy wrote:
On Sun, Oct 23, 2022 at 7:03 AM Douglas Foster wrote:
Is it not a violation of GDPR to require DMARC participants to collect and
transmit data that is not essential to DMARC?
I am not a lawyer, but my understanding of GDPR is that i
On Sun 23/Oct/2022 14:16:30 +0200 Dotzero wrote:
On Sun, Oct 23, 2022 at 6:29 AM Alessandro Vesely wrote:
On Sat 22/Oct/2022 18:25:55 +0200 Dotzero wrote:
Unaligned signatures are orthogonal/irrelevant to DMARC. They may be useful in
other contexts. In the DKIM standard, signatures mean that t
No hat, as usual.
On Sun, Oct 23, 2022 at 7:03 AM Douglas Foster <
dougfoster.emailstanda...@gmail.com> wrote:
> Is it not a violation of GDPR to require DMARC participants to collect and
> transmit data that is not essential to DMARC?
>
I am not a lawyer, but my understanding of GDPR is that it
On Sun, Oct 23, 2022 at 6:29 AM Alessandro Vesely wrote:
> On Sat 22/Oct/2022 18:25:55 +0200 Dotzero wrote:
> > Unaligned signatures are orthogonal/irrelevant to DMARC. They may be
> useful in
> > other contexts. In the DKIM standard, signatures mean that the signer is
> > asserting some (unspeci
For ARC, we need to add indicators for:
ARC chain detected (maybe)
ARC chain broken or unbroken, and
ARC chain trusted (as a favorable factor for message disposition.)
The domain owner does not need to know the details of which chain
configurations I am willing to trust.
The domain owner cannot
Is it not a violation of GDPR to require DMARC participants to collect and
transmit data that is not essential to DMARC?
The decision of how to handle indirect flows is outside the ability of a
domain owner to control. Knowing that a message was accepted by local
policy says that the source is
On Sat 22/Oct/2022 18:25:55 +0200 Dotzero wrote:
Unaligned signatures are orthogonal/irrelevant to DMARC. They may be useful in
other contexts. In the DKIM standard, signatures mean that the signer is
asserting some (unspecified) responsibility for the signed message. That may be
useful for som
Unaligned signatures are orthogonal/irrelevant to DMARC. They may be useful
in other contexts. In the DKIM standard, signatures mean that the signer is
asserting some (unspecified) responsibility for the signed message. That
may be useful for some reputation systems.
Michael Hammer
On Sat, Oct 22
Yes, it could have multiple causes.
I was just trying to elucidate a reason why unaligned signatures are
needed.
Instead I conclude that one best aligned signature is all that is needed
for reporting. Not 100, not 10, just 1.
Doug
On Sat, Oct 22, 2022, 7:43 AM Dotzero wrote:
> " 3) A signa
" 3) A signature has been compromised and an unauthorized source is sending
authenticated mail. SPF FAIL with DMARC PASS provides the alarm trigger."
This is incorrect. SPF FAIL with DMARC PASS can simply be an indirect mail
flow. It might also be an incorrectly configured SPF record.
Michael Ha
My closing should have said:
"I would be happy to hear a case summary which indicates how a real problem
was solved by a domain owner, and was only solvable using non-aligned
results obtained from aggregate reports."
df
On Fri, Oct 21, 2022 at 5:57 PM Douglas Foster <
dougfoster.emailstanda...@g
I remain unconvinced. Mail is nearly free to the sender, but expensive
and risky for the recipient and his organization. Any unwanted
message that gets through the spam filter consumes a person's time, which
is a non-trivial opportunity cost. Asking me to accept extra cost to
provide "ni
On Fri 21/Oct/2022 00:53:56 +0200 Douglas Foster wrote:
Aligned DKIM PASS
When an aligned DKIM result is PASS, I don't see that the domain owner needs
any more data collection performed. The verifiable DKIM scope ID should tell
him where the message originated, and the source IP and HELO nam
> *From:* dmarc *On Behalf Of * Douglas Foster
> *Sent:* Thursday, October 20, 2022 7:04 AM
> *To:* IETF DMARC WG
> *Subject:* Re: [dmarc-ietf] Aggregate Reporting - "Not Evaluated" result
>
> My thinking has evolved during this discussion:
>
> We sho
f Of Douglas Foster
Sent: Thursday, October 20, 2022 7:04 AM
To: IETF DMARC WG
Subject: Re: [dmarc-ietf] Aggregate Reporting - "Not Evaluated" result
My thinking has evolved during this discussion:
We should reject Incomplete Results
If an evaluator has decided to do incomplete evaluati
My thinking has evolved during this discussion:
We should reject Incomplete Results
If an evaluator has decided to do incomplete evaluation, we have to
consider the possibility that he may or may not collect enough information
to enumerate what signatures were not evaluated. So a signature resul
I understood Neil's concern, and have no objection, which is why I
counterproposed "must not".
On Wed, Oct 19, 2022, 8:42 PM Neil Anuskiewicz wrote:
>
>
> > On Oct 19, 2022, at 6:59 AM, Scott Kitterman
> wrote:
> >
> >
> >
> >> On October 19, 2022 12:44:16 PM UTC, Dotzero wrote:
> >> On Tue,
> On Oct 19, 2022, at 5:42 PM, Neil Anuskiewicz wrote:
>
>
>
>> On Oct 19, 2022, at 6:59 AM, Scott Kitterman wrote:
>>
>>
>>
On October 19, 2022 12:44:16 PM UTC, Dotzero wrote:
>>> On Tue, Oct 18, 2022 at 11:18 PM Scott Kitterman
>>> wrote:
>>>
On October 18, 20
> On Oct 19, 2022, at 6:59 AM, Scott Kitterman wrote:
>
>
>
>> On October 19, 2022 12:44:16 PM UTC, Dotzero wrote:
>> On Tue, Oct 18, 2022 at 11:18 PM Scott Kitterman
>> wrote:
>>
>>>
>>>
>>> On October 18, 2022 10:16:44 PM UTC, Neil Anuskiewicz <
>>> n...@marmot-tech.com> wrote:
On October 19, 2022 12:44:16 PM UTC, Dotzero wrote:
>On Tue, Oct 18, 2022 at 11:18 PM Scott Kitterman
>wrote:
>
>>
>>
>> On October 18, 2022 10:16:44 PM UTC, Neil Anuskiewicz <
>> n...@marmot-tech.com> wrote:
>> >
>> >
>> >> On Oct 2, 2022, at 11:01 AM, Douglas Foster <
>> dougfoster.emailstand
On Tue, Oct 18, 2022 at 11:18 PM Scott Kitterman
wrote:
>
>
> On October 18, 2022 10:16:44 PM UTC, Neil Anuskiewicz <
> n...@marmot-tech.com> wrote:
> >
> >
> >> On Oct 2, 2022, at 11:01 AM, Douglas Foster <
> dougfoster.emailstanda...@gmail.com> wrote:
> >>
> >>
> >> In many cases, an evaluato
On October 18, 2022 10:16:44 PM UTC, Neil Anuskiewicz
wrote:
>
>
>> On Oct 2, 2022, at 11:01 AM, Douglas Foster
>> wrote:
>>
>>
>> In many cases, an evaluator can determine a DMARC PASS result without
>> evaluating every available identifier.
>> If a message has SPF PASS with acceptabl
I cannot support a MUST statement, but I could support a MUST NOT:
"If an evaluator cannot provide results on all relevant identifiers, the
message MUST NOT be included in aggregate reports."
The appropriate language depends on domain owner preferences: Do they
prefer no information to partial
> On Oct 2, 2022, at 11:01 AM, Douglas Foster
> wrote:
>
>
> In many cases, an evaluator can determine a DMARC PASS result without
> evaluating every available identifier.
> If a message has SPF PASS with acceptable alignment, the evaluator has no
> need to evaluate any DKIM signatures
These examples seem to need their own result code. The domain owner will
want to know that the signature was intact even though it was rejected,
because that tells him something important about the message flow. But he
will also want to know that the signature, and possibly the message, was
reje
On Mon, Oct 10, 2022 at 6:56 PM Douglas Foster <
dougfoster.emailstanda...@gmail.com> wrote:
> Signatures not Evaluated
> --
> Based on the above, a message may have signatures which lack reported
> results for any of these reasons:
> - The verifier evaluated signat
Scope considerations
For those who can speak on behalf of domain owners, it would be helpful to
clarify scope:
- If a message has multiple signatures for the same domain, do you want all
or one included in the DMARC aggregate report? I can imagine that having
both PA
On Wed 05/Oct/2022 03:13:28 +0200 Douglas Foster wrote:
Time for some data collection:
[...]
What is the maximum number of signatures ever observed on a single message?
I enable logging messages with more than 4 signatures. That's easy to grep in
old logs. I found 7 messages since Januar
Time for some data collection:
Who has a reporting implementation in use which is designed and tested to
support at least 100 DKIM signatures?
What is the maximum number of signatures ever observed on a single
message?
What can you tell us about the curve of signature count vs. message
volume?
> On 3 Oct 2022, at 23:31, Douglas Foster
> wrote:
>
> The primary key for aggregation is the SMTP domain (up to 255 characters),
> plus each DKIM domain (up to 255 characters) and its DKIM scope (up to 64
> characters). For 100 DKIM domains to be included, the primary key becomes
> up t
The primary key for aggregation is the SMTP domain (up to 255 characters),
plus each DKIM domain (up to 255 characters) and its DKIM scope (up to 64
characters). For 100 DKIM domains to be included, the primary key
becomes up to 201 fields with up to 25,919 characters. This is
unmanageable with
On Mon 03/Oct/2022 18:01:06 +0200 Murray S. Kucherawy wrote:
On Mon, Oct 3, 2022 at 10:26 AM Brotman, Alex wrote:
So we would likely need a section in the core document with a SHOULD for
evaluation (if it’s not already there), and then a section in the aggregate
reporting for a MUST for report
If the evaluator takes shortcuts, our options are
- please don't report at all
- please report only evaluated identifiers
- please include identified but unevaluated identifiers using a
not-evaluated status
- please include evaluated identifiers and a Flag event to tell the domain
owner that resul
Personally, I think the right approach to this is a section about the
importance of reporting to keep domain owners informed and aware and
to promote wider adoption of authentication and policy protocols.
That section would say that reporting SHOULD be done for those reasons
and would explain the b
On Mon, Oct 3, 2022 at 10:26 AM Brotman, Alex
wrote:
> So we would likely need a section in the core document with a SHOULD for
> evaluation (if it’s not already there), and then a section in the aggregate
> reporting for a MUST for reporting on evaluated information (if they choose
> to send rep
-Abuse & Messaging Policy
Comcast
From: dmarc On Behalf Of Murray S. Kucherawy
Sent: Monday, October 3, 2022 10:03 AM
To: Todd Herr
Cc: Douglas Foster ; IETF DMARC WG
Subject: Re: [dmarc-ietf] Aggregate Reporting - "Not Evaluated" result
On Mon, Oct 3, 2022 at 9:03 AM Tod
On Mon, Oct 3, 2022 at 9:03 AM Todd Herr wrote:
> On Sun, Oct 2, 2022 at 10:34 PM Douglas Foster <
> dougfoster.emailstanda...@gmail.com> wrote:
>
>> I am starting from the viewpoint that (a) reporting is a courtesy
>> provided by the evaluator to the domain owner, and (b) the evaluator will
>> d
On Sun, Oct 2, 2022 at 10:34 PM Douglas Foster <
dougfoster.emailstanda...@gmail.com> wrote:
> I am starting from the viewpoint that (a) reporting is a courtesy provided
> by the evaluator to the domain owner, and (b) the evaluator will do so in
> the context of his own interest, which includes fi
I am starting from the viewpoint that (a) reporting is a courtesy provided
by the evaluator to the domain owner, and (b) the evaluator will do so in
the context of his own interest, which includes filtering messages with
maximum possible efficiency.
This WG can certainly impose a requirement that
On Sun, Oct 2, 2022 at 2:01 PM Douglas Foster <
dougfoster.emailstanda...@gmail.com> wrote:
> In many cases, an evaluator can determine a DMARC PASS result
> without evaluating every available identifier.
>
>- If a message has SPF PASS with acceptable alignment, the evaluator
>has no need
In many cases, an evaluator can determine a DMARC PASS result
without evaluating every available identifier.
- If a message has SPF PASS with acceptable alignment, the evaluator has
no need to evaluate any DKIM signatures to know that the message produces
DMARC PASS.
- Some identifiers
48 matches