Dianne I am not aware of any active efforts. Here are a few options that may have some viability for you and others. They may not have any viability either. :)
NOTE: This is not a statement that there is an acceptable solution to the privacy issues nor that additional work shouldn’t be done. Merely a summary of some known issues to mitigate. It is up to each domain owner to determine if there is an issue and if these mitigation options have value. No need to respond with the inadequacy of the options below - if they aren’t good enough then just don’t request forensic data and propose ways to change the specification to address privacy issues. 1. Don’t provide a ruf address and receive no forensic data for certain domains Eliminates privacy issue, eliminates all message-level data 2. Request forensic data on domains which have acceptable privacy concerns Forensic data is requested on a per-domain basis. This may help some organizations and not others. For example, if there is an [email protected] mail stream that is all automated messages without PII, forensic data could be received with minimal risk and domains such as [email protected] could not have forensic data collected. 3. Publish record with ruf parameter Po=0 This ensures message-level failures will only be received if both SPF and DKIM fail authentication (vs either one). This does not eliminate the issue, but when used in conjuction with delaying receipt of forensic data until most mail streams have some level of authentication, it reduces the risk significantly - only your lawyer can determine how much. For details on this argument, see Section 5.2 of https://datatracker.ietf.org/doc/draft-kucherawy-dmarc-base/?include_text=1 4. Redact forensic data upon receipt Either via a vendor or your own system, you can redact, upon ingestion of the forensic message, certain data fields and ensure the ingestion system never records or stores them. The data is transmitted over the internet (like the original message) but there will never be a human or machine readable record of fields which generate PII concerns. Some DMARC service providers support this. pat On Apr 24, 2014, at 5:32 AM, Solomon, Dianne B <[email protected]> wrote: > Hi.. I am new to DMARC. From what I am learning, few companies are > implementing forensic reporting because of potential privacy issues. Has > there been discussion on changing the format or delivery of the forensic > reports that would make it a more acceptable option? > > > Dianne Blitstein Solomon, CIPP, CIPP/IT | Architect, ISCD.IS.Messaging > Security | First Data Corporation | www.firstdata.com > 4000 Coral Ridge Drive, Coral Springs, FL 33065 | (O) +1.954.851.7290 | (M) > 954.695.8094 | GMT -5 > Suspect an information security incident? Please call 888-427-4468. > > > > > _______________________________________________ > dmarc mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/dmarc
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
