Mailing List Archive: Fwd: [marf] I-D Action: draft-ietf-marf-spf-reporting-00.txt

Fwd: [marf] I-D Action: draft-ietf-marf-spf-reporting-00.txt

Jun 28, 2011, 6:46 AM

Post #1 of 3 (4524 views)

In the course of some other work I've been doing, I've started work on an
extension to both SPF and the Messaging Abuse Reporting Format. If you don't
care about feedback reports you can mostly ignore this, but it does affect SPF
in one more general way, it creates an IANA registry of known modifiers.

This is part of the work of an established IETF working group, so I hope it
can serve to solidify the status of SPF within the IETF (and yes, I still plan
to work on a 4408bis to get it out of experimental).

Please review and comment (either here or on the MARF list).

Scott K

---------- Forwarded Message ----------

Subject: [marf] I-D Action: draft-ietf-marf-spf-reporting-00.txt
Date: Tuesday, June 28, 2011, 09:35:07 AM
From: internet-drafts@ietf.org
To: i-d-announce@ietf.org
CC: marf@ietf.org

A New Internet-Draft is available from the on-line Internet-Drafts
directories. This draft is a work item of the Messaging Abuse Reporting Format
Working Group of the IETF.

Title : SPF Authentication Failure Reporting using the Abuse
Report Format
Author(s) : Scott Kitterman
Filename : draft-ietf-marf-spf-reporting-00.txt
Pages : 16
Date : 2011-06-28

This memo presents extensions to the Abuse Reporting Format (ARF),
and Sender Policy Framework (SPF) specifications to allow for
detailed reporting of message authentication failures in an on-demand
fashion.

A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-marf-spf-reporting-00.txt

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/

This Internet-Draft can be retrieved at:
ftp://ftp.ietf.org/internet-drafts/draft-ietf-marf-spf-reporting-00.txt
_______________________________________________
marf mailing list
marf@ietf.org
https://www.ietf.org/mailman/listinfo/marf

-----------------------------------------

-------------------------------------------
Sender Policy Framework: http://www.openspf.org [http://www.openspf.org]
Modify Your Subscription: http://www.listbox.com/member/ [http://www.listbox.com/member/]

Archives: https://www.listbox.com/member/archive/735/=now
RSS Feed: https://www.listbox.com/member/archive/rss/735/1311532-17d8a1ba
Modify Your Subscription: https://www.listbox.com/member/?member_id=1311532&id_secret=1311532-f2ea6ed9
Unsubscribe Now: https://www.listbox.com/unsubscribe/?member_id=1311532&id_secret=1311532-bdbb122a&post_id=20110628094640:0B9782BA-A18D-11E0-A020-B2A0DEACEFF0
Powered by Listbox: http://www.listbox.com

Re: Fwd: [marf] I-D Action: draft-ietf-marf-spf-reporting-00.txt [ In reply to ]

philip at gladstonefamily

Jul 10, 2011, 8:01 AM

Post #2 of 3 (4366 views)

Permalink

You can do most of this today by careful choice of the elements in your
SPF record.

My SPF record contains a logging entry that allows me to see who is
sending mail for my domain. This, coupled with a 'stunt' DNS server
allows me to create logs showing what is going on.

Yes, this proposal is more versatile, but I have to question the premise:

> There exist cases in which a domain name owner employing [SPF] for
> announcing sending practises may want to know when messages are
> received via unauthorized routing. Currently there is no such
> mechanism defined.

The last sentence isn't true -- I'm doing it today. However, I will
admit that there are buggy implementations of SPF that don't get all the
macro expansions correct! Adding a new mechanism is unlikely to help this.

My record is (currently):

v=spf1
ip4:140.177.205.131
a:mail.employees.org
ip6:2001:1868:4001:3a00:21:9bff:fefc:5ac9
-exists:%{i}.%{l1r-}.user.%{d}
ptr:zen.co.uk
a:charon.gladstonefamily.net
-exists:%{ir}.mrbl.%{d}
-exists:%{i}.3/86400.rate.%{d}
~all

Philip

p.s. Would people be interested in a web interface to look at their SPF
drop statistics?

On 6/28/2011 9:46 AM, Scott Kitterman wrote:
> In the course of some other work I've been doing, I've started work on an
> extension to both SPF and the Messaging Abuse Reporting Format. If you don't
> care about feedback reports you can mostly ignore this, but it does affect SPF
> in one more general way, it creates an IANA registry of known modifiers.
>
> This is part of the work of an established IETF working group, so I hope it
> can serve to solidify the status of SPF within the IETF (and yes, I still plan
> to work on a 4408bis to get it out of experimental).
>
> Please review and comment (either here or on the MARF list).
>
> Scott K
>
>
> ---------- Forwarded Message ----------
>
> Subject: [marf] I-D Action: draft-ietf-marf-spf-reporting-00.txt
> Date: Tuesday, June 28, 2011, 09:35:07 AM
> From: internet-drafts@ietf.org
> To: i-d-announce@ietf.org
> CC: marf@ietf.org
>
> A New Internet-Draft is available from the on-line Internet-Drafts
> directories. This draft is a work item of the Messaging Abuse Reporting Format
> Working Group of the IETF.
>
> Title : SPF Authentication Failure Reporting using the Abuse
> Report Format
> Author(s) : Scott Kitterman
> Filename : draft-ietf-marf-spf-reporting-00.txt
> Pages : 16
> Date : 2011-06-28
>
> This memo presents extensions to the Abuse Reporting Format (ARF),
> and Sender Policy Framework (SPF) specifications to allow for
> detailed reporting of message authentication failures in an on-demand
> fashion.
>
>
> A URL for this Internet-Draft is:
> http://www.ietf.org/internet-drafts/draft-ietf-marf-spf-reporting-00.txt
>
> Internet-Drafts are also available by anonymous FTP at:
> ftp://ftp.ietf.org/internet-drafts/
>
> This Internet-Draft can be retrieved at:
> ftp://ftp.ietf.org/internet-drafts/draft-ietf-marf-spf-reporting-00.txt
> _______________________________________________
> marf mailing list
> marf@ietf.org
> https://www.ietf.org/mailman/listinfo/marf
>
>
> -----------------------------------------
>
>
> -------------------------------------------
> Sender Policy Framework: http://www.openspf.org [http://www.openspf.org]
> Modify Your Subscription: http://www.listbox.com/member/ [http://www.listbox.com/member/]
>
> Archives: https://www.listbox.com/member/archive/735/=now
> RSS Feed: https://www.listbox.com/member/archive/rss/735/835710-69e7d341
> Modify Your Subscription: https://www.listbox.com/member/?&
> Unsubscribe Now: https://www.listbox.com/unsubscribe/?&&post_id=20110628094640:0B9782BA-A18D-11E0-A020-B2A0DEACEFF0
> Powered by Listbox: http://www.listbox.com
>
>

--
Philip Gladstone
Ham: N1DQ

-------------------------------------------
Sender Policy Framework: http://www.openspf.org [http://www.openspf.org]
Modify Your Subscription: http://www.listbox.com/member/ [http://www.listbox.com/member/]

Archives: https://www.listbox.com/member/archive/735/=now
RSS Feed: https://www.listbox.com/member/archive/rss/735/1311532-17d8a1ba
Modify Your Subscription: https://www.listbox.com/member/?member_id=1311532&id_secret=1311532-f2ea6ed9
Unsubscribe Now: https://www.listbox.com/unsubscribe/?member_id=1311532&id_secret=1311532-bdbb122a&post_id=20110710110152:8A9D9C94-AB05-11E0-B9B0-B7D4DE82D4F9
Powered by Listbox: http://www.listbox.com

Re: Fwd: [marf] I-D Action: draft-ietf-marf-spf-reporting-00.txt [ In reply to ]

scott at kitterman

Jul 10, 2011, 7:57 PM

Post #3 of 3 (4362 views)

Permalink

I agree. I'll correct the one sentence. This draft is intended to assist
with SPF based FBRs for senders that are planning on setting up a FBR sending
infrastructure. I agree that most of the same data can be gotten from a stunt
DNS server and an appropriate SPF record, but the FBR based approach is more
in line with the general trend among large email providers.

Bottom line is that while you are right, people can get this data another way,
almost no one does so providing this way to do it is, I think, reasonable. I
will make it clear though that it's not the only way to do this.

Scott K

On Sunday, July 10, 2011 11:01:35 AM you wrote:
> You can do most of this today by careful choice of the elements in your
> SPF record.
>
> My SPF record contains a logging entry that allows me to see who is
> sending mail for my domain. This, coupled with a 'stunt' DNS server
> allows me to create logs showing what is going on.
>
> Yes, this proposal is more versatile, but I have to question the premise:
> > There exist cases in which a domain name owner employing [SPF] for
> >
> > announcing sending practises may want to know when messages are
> > received via unauthorized routing. Currently there is no such
> > mechanism defined.
>
> The last sentence isn't true -- I'm doing it today. However, I will
> admit that there are buggy implementations of SPF that don't get all the
> macro expansions correct! Adding a new mechanism is unlikely to help this.
>
> My record is (currently):
>
> v=spf1
> ip4:140.177.205.131
> a:mail.employees.org
> ip6:2001:1868:4001:3a00:21:9bff:fefc:5ac9
> -exists:%{i}.%{l1r-}.user.%{d}
> ptr:zen.co.uk
> a:charon.gladstonefamily.net
> -exists:%{ir}.mrbl.%{d}
> -exists:%{i}.3/86400.rate.%{d}
> ~all
>
> Philip
>
> p.s. Would people be interested in a web interface to look at their SPF
> drop statistics?
>
> On 6/28/2011 9:46 AM, Scott Kitterman wrote:
> > In the course of some other work I've been doing, I've started work on an
> > extension to both SPF and the Messaging Abuse Reporting Format. If you
> > don't care about feedback reports you can mostly ignore this, but it
> > does affect SPF in one more general way, it creates an IANA registry of
> > known modifiers.
> >
> > This is part of the work of an established IETF working group, so I hope
> > it can serve to solidify the status of SPF within the IETF (and yes, I
> > still plan to work on a 4408bis to get it out of experimental).
> >
> > Please review and comment (either here or on the MARF list).
> >
> > Scott K
> >
> >
> > ---------- Forwarded Message ----------
> >
> > Subject: [marf] I-D Action: draft-ietf-marf-spf-reporting-00.txt
> > Date: Tuesday, June 28, 2011, 09:35:07 AM
> > From: internet-drafts@ietf.org
> > To: i-d-announce@ietf.org
> > CC: marf@ietf.org
> >
> > A New Internet-Draft is available from the on-line Internet-Drafts
> > directories. This draft is a work item of the Messaging Abuse Reporting
> > Format Working Group of the IETF.
> >
> > Title : SPF Authentication Failure Reporting using the Abuse
> >
> > Report Format
> >
> > Author(s) : Scott Kitterman
> > Filename : draft-ietf-marf-spf-reporting-00.txt
> > Pages : 16
> > Date : 2011-06-28
> >
> > This memo presents extensions to the Abuse Reporting Format (ARF),
> > and Sender Policy Framework (SPF) specifications to allow for
> > detailed reporting of message authentication failures in an on-demand
> > fashion.
> >
> > A URL for this Internet-Draft is:
> > http://www.ietf.org/internet-drafts/draft-ietf-marf-spf-reporting-00.txt
> >
> > Internet-Drafts are also available by anonymous FTP at:
> > ftp://ftp.ietf.org/internet-drafts/
> >
> > This Internet-Draft can be retrieved at:
> > ftp://ftp.ietf.org/internet-drafts/draft-ietf-marf-spf-reporting-00.txt

-------------------------------------------
Sender Policy Framework: http://www.openspf.org [http://www.openspf.org]
Modify Your Subscription: http://www.listbox.com/member/ [http://www.listbox.com/member/]

Archives: https://www.listbox.com/member/archive/735/=now
RSS Feed: https://www.listbox.com/member/archive/rss/735/1311532-17d8a1ba
Modify Your Subscription: https://www.listbox.com/member/?member_id=1311532&id_secret=1311532-f2ea6ed9
Unsubscribe Now: https://www.listbox.com/unsubscribe/?member_id=1311532&id_secret=1311532-bdbb122a&post_id=20110710225714:79C7C246-AB69-11E0-99A6-FBB3F559ED1D
Powered by Listbox: http://www.listbox.com