Re: [dmarc-discuss] DMARC forensic reporting options

2016-12-29 Thread Franck Martin via dmarc-discuss
John, Are you ready to send failure reports for emails received by you? Show the way, write about it, this may help others to do the same. Thanks On Fri, Dec 23, 2016 at 8:10 AM, John Comfort via dmarc-discuss < dmarc-discuss@dmarc.org> wrote: > Maybe it is time to rethink this, or open a

Re: [dmarc-discuss] DMARC forensic reporting options

2016-12-23 Thread Jonathan Knopp via dmarc-discuss
On 2016-12-23 10:09 AM, Juri Haberland via dmarc-discuss wrote: > When I look at the few failure reports that I receive, they all consist of > headers only - but all headers, not just a few. They do not include a > single line of the body. > So your proposal would just describe the reality - or

Re: [dmarc-discuss] DMARC forensic reporting options

2016-12-23 Thread Rolf E. Sonneveld via dmarc-discuss
John, On 23-12-16 17:10, John Comfort via dmarc-discuss wrote: Maybe it is time to rethink this, or open a more official dialogue. I understand folks don't want to send reports. I understand the privacy issue. However, without these reports, or at least *some* information sent regarding

Re: [dmarc-discuss] DMARC forensic reporting options

2016-12-23 Thread Steven M Jones via dmarc-discuss
On 12/23/2016 08:10, John Comfort via dmarc-discuss wrote: > Maybe it is time to rethink this, or open a more official dialogue. I > understand folks don't want to send reports. I understand the privacy > issue. However, without these reports, or at least *some* information > sent regarding the

Re: [dmarc-discuss] DMARC forensic reporting options

2016-12-23 Thread Juri Haberland via dmarc-discuss
On 23.12.2016 17:10, John Comfort via dmarc-discuss wrote: > I would be perfectly fine with limiting the information if people are > really that paranoid about header information. For example: date, > receiving server information, originating smtp server sender, and subject > line. This would

Re: [dmarc-discuss] DMARC forensic reporting options

2016-12-23 Thread John Comfort via dmarc-discuss
On Fri, Dec 23, 2016 at 9:08 AM, John R Levine wrote: > Maybe it is time to rethink this, or open a more official dialogue. I >> understand folks don't want to send reports. I understand the privacy >> issue. However, without these reports, or at least *some* information >>

Re: [dmarc-discuss] DMARC forensic reporting options

2016-12-23 Thread John Comfort via dmarc-discuss
Maybe it is time to rethink this, or open a more official dialogue. I understand folks don't want to send reports. I understand the privacy issue. However, without these reports, or at least *some* information sent regarding the unaligned emails, we are at an impasse to migrating to a 'reject'.

Re: [dmarc-discuss] DMARC forensic reporting options

2016-12-14 Thread John Levine via dmarc-discuss
>Any comments on this? I doubt it would make any difference. People don't send reports because they don't want to send reports, not because the reports are too big. As someone else noted, the privacy issues are just as bad with the headers. R's, John

Re: [dmarc-discuss] DMARC forensic reporting options

2016-12-14 Thread Vladimir Dubrovin via dmarc-discuss
I can't say for all DMARC implementers, but in our case concerns about (not) sending forensic reports are security and legal issues, not the size of message body. According to regulations, technical information about message, including not only headers, but also log records, BTW, is considered as

[dmarc-discuss] DMARC forensic reporting options

2016-12-14 Thread John Comfort via dmarc-discuss
As a result of mail receivers not sending forensic reports, the amount of time to migrate to a reject policy can increase considerably. It would be a nice option within the DMARC RFC to specify a new switch indicating the desire to receive header-only forensic reports. The expectation being that