Re: [dmarc-ietf] DMARCbis WGLC - Issue 144 Mention of ARC in DMARCbis

2024-04-02 Thread Emanuel Schorsch
Just to chime in, Gmail is using ARC and it has already provided a large amount of value for the indirect flow problem. Especially, since other major providers and a number of forwarders are adding ARC headers that provide us useful visibility into the previous hops and allow us to make more intell

Re: [dmarc-ietf] DMARCbis WGLC - Issue 144 Mention of ARC in DMARCbis

2024-04-02 Thread Emanuel Schorsch
Just to add some specifics, since August of 2023 we've gone from seeing ~100 ARC sealers of meaningful volume to over 300 as of yesterday. It is extremely important in our experience to have standard ways of identifying indirect flows. ListId headers and ReceivedHeaders are the bare minimum for Mai

Re: [dmarc-ietf] Overall last-call comments on DMARC

2024-04-02 Thread Alessandro Vesely
On Mon 01/Apr/2024 16:35:28 +0200 Murray S. Kucherawy wrote: On Mon, Apr 1, 2024 at 4:44 AM Alessandro Vesely wrote: * Mailing lists — Mailing list operators, including ietf.org, have had to implement rewriting of From addresses such as u...@example.com becomes user=40example@dmarc.ietf.o

Re: [dmarc-ietf] Standards Track? Yes or No.

2024-04-02 Thread Alessandro Vesely
On Tue 02/Apr/2024 07:13:16 +0200 Douglas Foster wrote: Standards track?   Not until we fix the failure inherited from RFC 7489: the untutored evaluator who does not know how to use DMARC results wisely. Doing it all-at-once would expand the time scale unbearably. In addition, we'd need to t

Re: [dmarc-ietf] DMARCbis WGLC - Issue 144 Mention of ARC in DMARCbis

2024-04-02 Thread Alessandro Vesely
On Tue 02/Apr/2024 10:11:08 +0200 Emanuel Schorsch wrote: Just to add some specifics, since August of 2023 we've gone from seeing ~100 ARC sealers of meaningful volume to over 300 as of yesterday. It is extremely important in our experience to have standard ways of identifying indirect flows. Lis

Re: [dmarc-ietf] ARC, was WGLC editorial review of draft-ietf-dmarc-dmarcbis-30

2024-04-02 Thread Alessandro Vesely
On Mon 01/Apr/2024 22:01:22 +0200 Murray S. Kucherawy wrote: On Mon, Apr 1, 2024 at 11:33 AM Todd Herr wrote: [...] Should DMARC-bis reference ARC? I don't know; can it? What I mean by that is that some of us have an interest in DMARC-bis being published as Standards track, and ARC is Expe

Re: [dmarc-ietf] Overall last-call comments on DMARC

2024-04-02 Thread Murray S. Kucherawy
On Tue, Apr 2, 2024 at 3:01 AM Alessandro Vesely wrote: > >> By now, most mailing lists arranged to either rewrite From: or not > break > >> DKIM signatures. We all hope those hacks are temporary. > > > > > What do you mean by "temporary", given the time scales that have already > > passed since

Re: [dmarc-ietf] DMARCbis WGLC - Issue 144 Mention of ARC in DMARCbis

2024-04-02 Thread Murray S. Kucherawy
Hi Emanuel, On Tue, Apr 2, 2024 at 1:02 AM Emanuel Schorsch wrote: > Just to chime in, Gmail is using ARC and it has already provided a large > amount of value for the indirect flow problem. Especially, since other > major providers and a number of forwarders are adding ARC headers that > provid

Re: [dmarc-ietf] ARC, DMARCbis WGLC - Issue 144 Mention of ARC in DMARCbis

2024-04-02 Thread John Levine
It appears that Murray S. Kucherawy said: >Can you give an example, even if only a hypothetical one? I'm not Emmanuel but people at large mail systems have told me that the biggest value of ARC is to deal with mailing lists that do lousy spam filtering. Lists often let anything through that has

Re: [dmarc-ietf] ARC, DMARCbis WGLC - Issue 144 Mention of ARC in DMARCbis

2024-04-02 Thread Murray S. Kucherawy
On Tue, Apr 2, 2024 at 8:49 AM John Levine wrote: > It appears that Murray S. Kucherawy said: > >Can you give an example, even if only a hypothetical one? > > I'm not Emmanuel but people at large mail systems have told me that > the biggest value of ARC is to deal with mailing lists that do lou

Re: [dmarc-ietf] Overall last-call comments on DMARC

2024-04-02 Thread Alessandro Vesely
On Tue 02/Apr/2024 15:35:05 +0200 Murray S. Kucherawy wrote: On Tue, Apr 2, 2024 at 3:01 AM Alessandro Vesely wrote: By now, most mailing lists arranged to either rewrite From: or not break DKIM signatures. We all hope those hacks are temporary. What do you mean by "temporary", given the ti

Re: [dmarc-ietf] ARC, DMARCbis WGLC - Issue 144 Mention of ARC in DMARCbis

2024-04-02 Thread Seth Blank
On Tue, Apr 2, 2024 at 11:58 AM Murray S. Kucherawy wrote: > On Tue, Apr 2, 2024 at 8:49 AM John Levine wrote: > >> It appears that Murray S. Kucherawy said: >> >Can you give an example, even if only a hypothetical one? >> >> I'm not Emmanuel but people at large mail systems have told me that

[dmarc-ietf] RUA XML : maxOccurs="unbounded" not allowed

2024-04-02 Thread OLIVIER HUREAU
Hi, I have tried to run some measurements with the new XSD but it seems that it is not valid : ``` xmlschema.validators.exceptions.XMLSchemaParseError: attribute maxOccurs='unbounded': value must be one of [0, 1]: ``` The complex type "ReportMetadataType" has a (see below). However the

Re: [dmarc-ietf] RUA XML : maxOccurs="unbounded" not allowed

2024-04-02 Thread Alessandro Vesely
On Tue 02/Apr/2024 18:41:50 +0200 OLIVIER HUREAU wrote: Hi, I have tried to run some measurements with the new XSD but it seems that it is not valid : ``` xmlschema.validators.exceptions.XMLSchemaParseError: attribute maxOccurs='unbounded': value must be one of [0, 1]: ``` The complex type

Re: [dmarc-ietf] RUA XML : maxOccurs="unbounded" not allowed

2024-04-02 Thread Matthäus Wander
OLIVIER HUREAU wrote on 2024-04-02 18:41: Shouldn't we remove the maxOccurs for the error element ? [...] NEW ```                 ``` For the sake of consistency, either remove maxOccurs from each element under or set maxOccurs="1" for each. Regards, Matt __

Re: [dmarc-ietf] DMARCbis WGLC - Issue 144 Mention of ARC in DMARCbis

2024-04-02 Thread Emanuel Schorsch
Three concrete use-cases where ARC is helpful: 1) SPF Downgrade . We didn't reach consensus for adding auth= tag to DMARC and so SPF Upgrade remains a significant vulnerability for achieving a DMARC pass. Havi

Re: [dmarc-ietf] Overall last-call comments on DMARC

2024-04-02 Thread Murray S. Kucherawy
On Tue, Apr 2, 2024 at 9:01 AM Alessandro Vesely wrote: > By now, most mailing lists arranged to either rewrite From: or not > break > DKIM signatures. We all hope those hacks are temporary. > >>> > >>> What do you mean by "temporary", given the time scales that have > already > >>> pa

Re: [dmarc-ietf] ARC, DMARCbis WGLC - Issue 144 Mention of ARC in DMARCbis

2024-04-02 Thread Murray S. Kucherawy
On Tue, Apr 2, 2024 at 9:03 AM Seth Blank wrote: > > I think details about the technique to which you're alluding, especially >> with real world examples, anecdotes, or other data, would be really >> valuable to publish somewhere, be that in this document or elsewhere. Even >> just a paragraph t

Re: [dmarc-ietf] ARC, DMARCbis WGLC - Issue 144 Mention of ARC in DMARCbis

2024-04-02 Thread Seth Blank
On Tue, Apr 2, 2024 at 2:18 PM Murray S. Kucherawy wrote: > On Tue, Apr 2, 2024 at 9:03 AM Seth Blank wrote: > >> >> I think details about the technique to which you're alluding, especially >>> with real world examples, anecdotes, or other data, would be really >>> valuable to publish somewhere,