On December 31, 2014 11:43:06 PM EST, Murray S. Kucherawy
superu...@gmail.com wrote:
OK, seriously, I hope I don't have to crack this open again. Conflict
review is slated for the 1/8 telechat, and a flurry of last minute
edits
might not sit well with the IESG. We need to leave actual work, as
OK, seriously, I hope I don't have to crack this open again. Conflict
review is slated for the 1/8 telechat, and a flurry of last minute edits
might not sit well with the IESG. We need to leave actual work, as much as
at all possible, to the WG, and not to hacking on the ISE version.
Diffs to
-Original Message-
From: dmarc [mailto:dmarc-boun...@ietf.org] On Behalf Of Dave Crocker
Sent: Monday, December 29, 2014 4:58 PM
To: dmarc@ietf.org
Subject: Re: [dmarc-ietf] Jim Fenton's review of -04
On 12/29/2014 12:32 PM, MH Michael Hammer (5304) wrote:
I suppose it's
-Original Message-
From: dmarc [mailto:dmarc-boun...@ietf.org] On Behalf Of Steven M Jones
Sent: Monday, December 29, 2014 5:00 PM
To: dmarc@ietf.org
Subject: Re: [dmarc-ietf] Jim Fenton's review of -04
On 12/29/2014 12:32 PM, MH Michael Hammer (5304) wrote:
-Original
On 12/30/2014 6:38 AM, MH Michael Hammer (5304) wrote:
he first question is whether this is a matter of local policy. If the
answer is yes (Which I believe and invoke King Canute), then anything
written IS a recommendation (even if it is only documenting what We
- for some definition of we -
On Dec 30, 2014, at 5:39 AM, MH Michael Hammer (5304) mham...@ag.com wrote:
-Original Message-
From: dmarc [mailto:dmarc-boun...@ietf.org] On Behalf Of Dave Crocker
Sent: Monday, December 29, 2014 4:58 PM
To: dmarc@ietf.org
Subject: Re: [dmarc-ietf] Jim Fenton's review of -04
of
the paragraph.
Mike
-Original Message-
From: dmarc [mailto:dmarc-boun...@ietf.org] On Behalf Of Scott Kitterman
Sent: Thursday, December 25, 2014 11:55 PM
To: dmarc@ietf.org
Subject: Re: [dmarc-ietf] Jim Fenton's review of -04
On December 25, 2014 8:43:29 PM CST, Murray S. Kucherawy
superu
On 12/29/2014 7:26 AM, MH Michael Hammer (5304) wrote:
It's still not quite right:
DMARC evaluation can only complete and yield a pass result when one
of the underlying authentication mechanisms passes for an aligned
identifier. If this is not the case and either or both of them
On December 29, 2014 11:50:51 AM EST, ned+dm...@mrochek.com wrote:
On 12/29/2014 7:26 AM, MH Michael Hammer (5304) wrote:
It's still not quite right:
DMARC evaluation can only complete and yield a pass result when
one
of the underlying authentication mechanisms passes for an aligned
On December 29, 2014 2:32:27 PM EST, Dave Crocker d...@dcrocker.net wrote:
On 12/29/2014 10:40 AM, Scott Kitterman wrote:
TO:
DMARC evaluation can only complete and yield a pass result when one
of the underlying authentication mechanisms passes for an aligned
identifier. If neither passes and
Still not quite correct...
-Original Message-
From: dmarc [mailto:dmarc-boun...@ietf.org] On Behalf Of Dave Crocker
Sent: Monday, December 29, 2014 2:32 PM
To: Scott Kitterman; dmarc@ietf.org
Subject: Re: [dmarc-ietf] Jim Fenton's review of -04
On 12/29/2014 10:40 AM, Scott
On Dec 25, 2014, at 8:30 PM, Murray S. Kucherawy superu...@gmail.com wrote:
On Thu, Dec 25, 2014 at 10:15 PM, Dave Crocker dcroc...@gmail.com
mailto:dcroc...@gmail.com wrote:
One could argue either way about the multi-valued From:, but at least it
has an essential relationship to DMARC,
On Thu, Dec 25, 2014 at 1:08 AM, Scott Kitterman skl...@kitterman.com
wrote:
I don't think it does. What I was trying to say is that if you already
got an
aligned pass from one method, you're done. It doesn't matter if they other
one gets a DNS error, you already have a definitive result.
On 12/25/2014 6:46 PM, Murray S. Kucherawy wrote:
Although I've already removed the paragraph under discussion, one more
point occurred to me:
There was text in there until recently that required rejection of
messages with multi-valued From: fields. People complained about this,
and so we
On Thu, Dec 25, 2014 at 10:15 PM, Dave Crocker dcroc...@gmail.com wrote:
One could argue either way about the multi-valued From:, but at least it
has an essential relationship to DMARC, since DMARC evaluates From:. If
DMARC were required to handle multi-valued From:, it would alter DMARC
On December 25, 2014 8:43:29 PM CST, Murray S. Kucherawy
superu...@gmail.com wrote:
On Thu, Dec 25, 2014 at 1:08 AM, Scott Kitterman skl...@kitterman.com
wrote:
I don't think it does. What I was trying to say is that if you
already
got an
aligned pass from one method, you're done. It
On 12/23/2014 10:11 PM, Murray S. Kucherawy wrote:
-08 text says:
If the RFC5322.From domain does not exist in the DNS, Mail
Receivers
SHOULD direct the receiving SMTP server to reject the message. The
choice of mechanism for such rejection and the
On Wed, Dec 24, 2014 at 4:09 AM, Scott Kitterman skl...@kitterman.com
wrote:
5.6.2 promises 5.6.3 addresses the question and it doesn't. At the very
least, 5.6.2 should be fixed not to over promise what 5.6.3 will provide.
I'm not clear why you say it doesn't. 5.6.3 describes two options for
On Wed, Dec 24, 2014 at 4:04 AM, Scott Kitterman skl...@kitterman.com
wrote:
The draft strongly encourages DMARC implementers to ignore SPF policy, so
I don't think assuming messages will be deferred due only due to SPF or
DKIM results indicating a temporary DNS error is appropriate.
If
On Wed, Dec 24, 2014 at 10:22 AM, Dave Crocker d...@dcrocker.net wrote:
I disagree. DMARC operators all seem to apply this practice, so it's
correct to say that if you play this game, you reject mail from
non-existent domains. Essentially in this way DMARC is a profile of
- Original Message -
From: Murray S. Kucherawy superu...@gmail.com
To: Dave Crocker dcroc...@bbiw.net
Cc: dmarc@ietf.org
Sent: Wednesday, December 24, 2014 7:50:16 AM
Subject: Re: [dmarc-ietf] Jim Fenton's review of -04
On Wed, Dec 24, 2014 at 10:22 AM, Dave Crocker d
On 12/24/2014 7:50 AM, Murray S. Kucherawy wrote:
This paragraph appears in the DMARC spec because the operators
participating all agreed that it should be part-and-parcel of this
operating profile of email. It's not as happenstance as this sounds so
far; the very thrust of DMARC is to make
On Wednesday, December 24, 2014 10:46:42 Murray S. Kucherawy wrote:
On Wed, Dec 24, 2014 at 4:04 AM, Scott Kitterman skl...@kitterman.com
wrote:
The draft strongly encourages DMARC implementers to ignore SPF policy, so
I don't think assuming messages will be deferred due only due to SPF or
On December 24, 2014 9:43:40 AM CST, Murray S. Kucherawy
superu...@gmail.com wrote:
On Wed, Dec 24, 2014 at 4:09 AM, Scott Kitterman skl...@kitterman.com
wrote:
5.6.2 promises 5.6.3 addresses the question and it doesn't. At the
very
least, 5.6.2 should be fixed not to over promise what 5.6.3
- Original Message -
From: Scott Kitterman skl...@kitterman.com
To: dmarc@ietf.org
Sent: Wednesday, December 24, 2014 2:48:17 PM
Subject: Re: [dmarc-ietf] Jim Fenton's review of -04
On Wednesday, December 24, 2014 10:46:42 Murray S. Kucherawy wrote:
On Wed, Dec 24, 2014 at 4
On Wed, Dec 24, 2014 at 5:48 PM, Scott Kitterman skl...@kitterman.com
wrote:
Messages for which SPF and/or DKIM evaluation encounters a temporary
DNS error have not received a definitive result for steps 3 and/or 4
above.
If the message has not passed the the DMARC mechanism check
On Wed, Dec 24, 2014 at 11:23 AM, Dave Crocker d...@dcrocker.net wrote:
The goal, as you state it, is at the level of seeking world peace. It
is very laudable and and very, very broad. It covers vastly more than
the scope of DMARC.
DMARC is a specific bit of technology working towards that
What about pointing it may be a security issue to let these messages through?
Only if we also point out that it may be a security issue not to let them
through.
Seasons xmas,
John
___
dmarc mailing list
dmarc@ietf.org
On Thursday, December 25, 2014 00:02:41 Murray S. Kucherawy wrote:
On Wed, Dec 24, 2014 at 5:48 PM, Scott Kitterman skl...@kitterman.com
wrote:
Messages for which SPF and/or DKIM evaluation encounters a temporary
DNS error have not received a definitive result for steps 3 and/or 4
On Mon, Dec 22, 2014 at 10:44 AM, Scott Kitterman skl...@kitterman.com
wrote:
There was a recent thread on postfix-users about DMARC rejections when
there
are DNS errors that caused me to review -08 to see what it says on the
matter.
At the end of section 5.6.2, it says:
Handling of
- Original Message -
From: Murray S. Kucherawy superu...@gmail.com
To: Scott Kitterman skl...@kitterman.com
Cc: dmarc@ietf.org
Sent: Tuesday, December 23, 2014 10:32:44 PM
Subject: Re: [dmarc-ietf] Jim Fenton's review of -04
On Mon, Dec 22, 2014 at 10:44 AM, Scott Kitterman skl
On Wed, Dec 24, 2014 at 2:13 AM, Franck Martin fra...@peachymango.org
wrote:
I think we should recommend something here, not sure if it needs to be
normative. We do say to ignore the SPF policy when p!=none, though I think
we can be normative on the lower layers. I see 2 options here:
- Original Message -
From: Murray S. Kucherawy superu...@gmail.com
To: Franck Martin fra...@peachymango.org
Cc: dmarc@ietf.org, Scott Kitterman skl...@kitterman.com
Sent: Tuesday, December 23, 2014 11:20:30 PM
Subject: Re: [dmarc-ietf] Jim Fenton's review of -04
On Wed, Dec 24
, 2014 11:20:30 PM
*Subject: *Re: [dmarc-ietf] Jim Fenton's review of -04
On Wed, Dec 24, 2014 at 2:13 AM, Franck Martin fra...@peachymango.org
wrote:
I think we should recommend something here, not sure if it needs to be
normative. We do say to ignore the SPF policy when p!=none, though I think
- Original Message -
From: Scott Kitterman skl...@kitterman.com
To: dmarc@ietf.org
Sent: Monday, December 22, 2014 7:44:04 AM
Subject: Re: [dmarc-ietf] Jim Fenton's review of -04
On Friday, December 19, 2014 01:30:10 PM Murray S. Kucherawy wrote:
Colleagues,
draft
On Monday, December 22, 2014 12:40:36 PM Franck Martin wrote:
- Original Message -
From: Scott Kitterman skl...@kitterman.com
To: dmarc@ietf.org
Sent: Monday, December 22, 2014 7:44:04 AM
Subject: Re: [dmarc-ietf] Jim Fenton's review of -04
On Friday, December 19, 2014 01
On 12/22/2014 08:02 PM, Scott Kitterman wrote:
On Monday, December 22, 2014 12:40:36 PM Franck Martin wrote:
- Original Message -
From: Scott Kitterman skl...@kitterman.com
To: dmarc@ietf.org
Sent: Monday, December 22, 2014 7:44:04 AM
Subject: Re: [dmarc-ietf] Jim Fenton's review
On 12/22/2014 11:11 AM, Rolf E. Sonneveld wrote:
Perhaps 5.6.3 needs something like SHOULD NOT act on DMARC policy if a
temporary error in SPF or DKIM processing prevents a full evaluation.
+1
We need to be careful about how this is phrased. I specifically suspect
that the above suggested
On 12/22/2014 08:16 PM, Dave Crocker wrote:
On 12/22/2014 11:11 AM, Rolf E. Sonneveld wrote:
Perhaps 5.6.3 needs something like SHOULD NOT act on DMARC policy if a
temporary error in SPF or DKIM processing prevents a full evaluation.
+1
We need to be careful about how this is phrased. I
- Original Message -
From: Dave Crocker d...@dcrocker.net
To: R E Sonneveld r.e.sonnev...@sonnection.nl, Scott Kitterman
skl...@kitterman.com
Cc: dmarc@ietf.org
Sent: Monday, December 22, 2014 11:16:01 AM
Subject: Re: [dmarc-ietf] Jim Fenton's review of -04
On 12/22/2014 11
On 12/22/2014 11:39 AM, Kurt Andersen wrote:
Failing means that the polices are not applied. As in MUST NOT be
applied.
DMARC is built on a positive assertion model. To say that a failure
means that no policy is applied is contrary to the model. The policy is
explicitly *applied*
Jim Fenton writes:
Hi, Dave -
On 12/19/2014 02:30 PM, Dave Crocker wrote:
[2.4 Out of Scope]
Bullet 10: Again, DMARC doesn't do authentication, even for domains; it
relies on other authentication mechanisms.
I originally thought this, too, but in fact DMARC does do
Hi, Dave -
On 12/19/2014 02:30 PM, Dave Crocker wrote:
[2.4 Out of Scope]
Bullet 10: Again, DMARC doesn't do authentication, even for domains; it
relies on other authentication mechanisms.
I originally thought this, too, but in fact DMARC does do authentication:
DMARC asserts
Colleagues,
draft-kucherawy-dmarc-base is nearing IESG conflict review, and it's been
pointed out that a review from back in April has not been properly attended
to.
Could I get the WG (forgive me, co-chairs!) to comment on this so that I
can see what changes might be appropriate here? Having
On 12/19/2014 1:30 PM, Murray S. Kucherawy wrote:
Could I get the WG (forgive me, co-chairs!) to comment
Some of Jim's note are about writing style, precision, specific
terminology usage, points of nuance, or requests for clarification.
I'll leave clarification to Murry, and I'll assume that
45 matches
Mail list logo