Re: [dmarc-ietf] no hints for receivers

"John Levine" <johnl@taugh.com> Sat, 20 April 2013 20:09 UTC

Return-Path: <johnl@iecc.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E5CE921F874E for <dmarc@ietfa.amsl.com>; Sat, 20 Apr 2013 13:09:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -111.199
X-Spam-Level:
X-Spam-Status: No, score=-111.199 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HABEAS_ACCREDITED_SOI=-4.3, RCVD_IN_BSP_TRUSTED=-4.3, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QeaF5FsdZMeC for <dmarc@ietfa.amsl.com>; Sat, 20 Apr 2013 13:09:58 -0700 (PDT)
Received: from leila.iecc.com (leila6.iecc.com [IPv6:2001:470:1f07:1126:0:4c:6569:6c61]) by ietfa.amsl.com (Postfix) with ESMTP id C95FA21F86FA for <dmarc@ietf.org>; Sat, 20 Apr 2013 13:09:57 -0700 (PDT)
Received: (qmail 60841 invoked from network); 20 Apr 2013 20:11:31 -0000
Received: from leila.iecc.com (64.57.183.34) by mail1.iecc.com with QMQP; 20 Apr 2013 20:11:31 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=iecc.com; h=date:message-id:from:to:cc:subject:in-reply-to:mime-version:content-type:content-transfer-encoding; s=5172f615.xn--i8sz2z.k1304; i=johnl@user.iecc.com; bh=1sEhRxkgGpyJV8bqYL4CGCzRC7SDbwhzm06OLEBmxtg=; b=gam/tL8CKeLTZndQzTHjA/fa9qpM3x2VNz7OKLv8vr7RcOpVdjl7+RssNwlDacd7rLqcQde3JHFQTLHyzHswo/gN9op+vzJe6pXVoBkHQBZTotVWYfIcB6rrB/DqtLpLIooXud1gYA4VdKKScZ5Kl/c0R6KEJ+Fe/cyewlKNjdI=
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=taugh.com; h=date:message-id:from:to:cc:subject:in-reply-to:mime-version:content-type:content-transfer-encoding; s=5172f615.xn--i8sz2z.k1304; olt=johnl@user.iecc.com; bh=1sEhRxkgGpyJV8bqYL4CGCzRC7SDbwhzm06OLEBmxtg=; b=l5Z8lVYRvlG0UqSDM5QT/GN6UdNblRiaLvcsYdCabB2RMxDjz0hHOA3bm4faP+cAaf7xzCPZGMCLu6Op3zozWod4Be/jIobDUsW+rx7PbmP443bsxRju/zSi8YNmh3B0VlmuBW6wankH+0BYX/tvQHBIma/8c0rxtOlxPmZ3UTM=
Date: Sat, 20 Apr 2013 20:09:35 -0000
Message-ID: <20130420200935.46303.qmail@joyce.lan>
From: John Levine <johnl@taugh.com>
To: dmarc@ietf.org
In-Reply-To: <CAL0qLwZSNF7KP0nk8HFp6d9rcJx_gG7-CSWNMXks47i=jrqD6Q@mail.gmail.com>
Organization:
X-Headerized: yes
Mime-Version: 1.0
Content-type: text/plain; charset="utf-8"
Content-transfer-encoding: 7bit
Cc: superuser@gmail.com
Subject: Re: [dmarc-ietf] no hints for receivers
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dmarc>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 20 Apr 2013 20:09:59 -0000

>This is reminiscent of VBR (RFC5518).  It would be interesting to find out
>how much uptake of that there's been.

It's not really like VBR, which is for third party whitelists, with
the type tags being for auditing.  In any event the current usage
of VBR is approximately zero.  I don't know of any publisher of VBR
other than the vestigial Spamhaus whitelist.

My advice for senders who want to publish extra hints for receivers is
this: don't bother.

For a sender we don't know, we're going to ignore the hint since there
is no reason to believe it.  For a sender we do know, we're probably
going to accept your mail anyway and the hint won't help.

There might be some use for sender assertions in mail like the ones in
VBR to help audit and diagnose authentication screwups, but if they're
useful, they'll be useful on their own and not as part of DMARC.

R's,
John