Being able to identify the service that originated a piece of email is extremely helpful in getting a domain to quarantine/reject.
Including all DKIM signatures found on a message (not just those that are aligned or that pass) in the DMARC aggregate reports can be very helpful in ascertaining that originating service. DKIM signatures are footprints - not always unambiguous, but they can be very helpful in figuring out exactly what's going on. From our perspective it's preferable that receivers include all signatures in the aggregate reports. Similarly, I'd strongly urge that receivers include selectors in the DMARC aggregate reports for much the same reason. The presence of a DKIM signature with a selector is often enough to allow one to make that identification. While the spec marks the selector optional, it's an extremely valuable piece of information that (as Tomki notes) is already provided by some receivers. Best, Peter On Thu, Jul 7, 2016 at 11:54 AM, Elizabeth Zwicky <[email protected]> wrote: > Tomki pointed out that I am completely wrong about selectors and lots of > people report them. I should have checked. > > Elizabeth > > [email protected] > > > On Jul 7, 2016, at 11:38 AM, Steven M Jones <[email protected]> wrote: > > > > I'm quoting the following response in a thread from the > > [email protected] mailing list, because I think it identifies work > > items or at least questions this WG may want to address. If this is > > already captured somewhere, my apologies. > > > > Here's the original thread: > > > > http://lists.dmarc.org/pipermail/dmarc-discuss/2016-July/003546.html > > > > > > Summary: How should DMARC aggregate reports reflect messages with > > multiple DKIM results? And should DKIM selectors be included in DMARC > > aggregate reports? > > > > > >> On 07/07/2016 09:16, Elizabeth Zwicky via dmarc-discuss wrote: > >> > >> And yes, it's entirely possible for a message to have 2 or more DKIM > >> signatures, including signatures for the same domain with different > >> results. As long as there exists a DKIM signature that is aligned and > >> passes, the DMARC DKIM result is pass. (As I recall, the spec is unclear > >> about what you do if there are multiple DKIM results. That should > >> probably be fixed and it would be nice if we allowed the selector to be > >> reported as well.) > > > > AND: > > > >> On 07/07/2016 09:53, Elizabeth Zwicky via dmarc-discuss wrote: > >> > >> I meant to say that the spec is unclear about what you do about > >> **reporting** multiple DKIM results. It's perfectly clear on how to > >> evaluate them. > > > > _______________________________________________ > > dmarc mailing list > > [email protected] > > https://www.ietf.org/mailman/listinfo/dmarc > > _______________________________________________ > dmarc mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/dmarc > -- Peter Goldstein CTO & Co-Founder, ValiMail [email protected] (415) 793-5783
_______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
