Skip to main content

Creation and Use of Email Feedback Reports: An Applicability Statement for the Abuse Reporting Format (ARF)
RFC 6650

Revision differences

Document history

Date Rev. By Action
2015-10-14
16 (System) Notify list changed from marf-chairs@ietf.org, draft-ietf-marf-as@ietf.org to (None)
2012-06-26
16 (System) RFC published
2012-05-24
16 Martin Thomson Request for Last Call review by GENART Completed. Reviewer: Martin Thomson.
2012-05-01
16 Amy Vezza State changed to RFC Ed Queue from Approved-announcement sent
2012-04-30
16 (System) IANA Action state changed to No IC from In Progress
2012-04-30
16 (System) IANA Action state changed to In Progress
2012-04-30
16 Amy Vezza State changed to Approved-announcement sent from Approved-announcement to be sent
2012-04-30
16 Amy Vezza IESG has approved the document
2012-04-30
16 Amy Vezza Closed "Approve" ballot
2012-04-26
16 Samuel Weiler Request for Last Call review by SECDIR Completed. Reviewer: Scott Kelly.
2012-04-26
16 Cindy Morgan State changed to Approved-announcement to be sent from IESG Evaluation
2012-04-26
16 Pete Resnick Ballot approval text was generated
2012-04-26
16 Pete Resnick Ballot approval text was generated
2012-04-26
16 Pete Resnick Ballot writeup was changed
2012-04-26
16 Robert Sparks [Ballot Position Update] Position for Robert Sparks has been changed to No Objection from Discuss
2012-04-25
16 Ralph Droms [Ballot Position Update] New position, No Objection, has been recorded for Ralph Droms
2012-04-25
16 Benoît Claise [Ballot comment]
Thanks for addressing my points
2012-04-25
16 Benoît Claise [Ballot Position Update] Position for Benoit Claise has been changed to No Objection from Discuss
2012-04-25
16 Murray Kucherawy New version available: draft-ietf-marf-as-16.txt
2012-04-25
15 Adrian Farrel
[Ballot comment]
Forgive me, but doesn't section 8.2 say that forged abuse reports
constitue a real problem and the two mechanisms available to protect
against …
[Ballot comment]
Forgive me, but doesn't section 8.2 say that forged abuse reports
constitue a real problem and the two mechanisms available to protect
against them may result in genuine abuse reports being discarded?

Is the message here "chosse which you think might be the least worse
problem" or is it "you should use DKIM and SPF, but be aware that you
may lose some genuine reports"?

I would have liked some clarification as to which message is being sent.
2012-04-25
15 Adrian Farrel [Ballot Position Update] New position, No Objection, has been recorded for Adrian Farrel
2012-04-25
15 Murray Kucherawy New version available: draft-ietf-marf-as-15.txt
2012-04-25
14 Brian Haberman [Ballot comment]
Thanks for addressing my comments.
2012-04-25
14 Brian Haberman Ballot comment text updated for Brian Haberman
2012-04-24
14 Wesley Eddy [Ballot Position Update] New position, No Objection, has been recorded for Wesley Eddy
2012-04-24
14 Sean Turner [Ballot Position Update] Position for Sean Turner has been changed to No Objection from Discuss
2012-04-24
14 Robert Sparks
[Ballot discuss]
The MUST in section 4.5 item 1 may need clarification. Do you mean to say that the system MUST accept a report with …
[Ballot discuss]
The MUST in section 4.5 item 1 may need clarification. Do you mean to say that the system MUST accept a report with a feedback type with any value that makes it into the (specification-required) registry? Or are you wanting to scope that to values that were registered with an RFC that Updates/Obsoletes 5965? Or something else? Is this effectively requiring implementations of automated report processing systems to be configurable with what feedback types it will accept? If so, would it make sense to say that explicitly? Also, consider more detail on what accept means here. Does it mean the system can't return a rejection response (what bad happens if it does?) or is the intent that it must _process_ the report.
2012-04-24
14 Robert Sparks
[Ballot comment]
In section 5.1 item 1, is there a typical unstandardized out-of-band mechanism for telling unsolicited reporters to please stop that you can call …
[Ballot comment]
In section 5.1 item 1, is there a typical unstandardized out-of-band mechanism for telling unsolicited reporters to please stop that you can call out as an example (an existence proof)?

In Section 6, item 1, the sentence "Automatic feedback generators MUST select recipients based on data provided by the report recipient." is really hard to understand (it's almost circular). Is it trying to say something like "Automatic feedback generators MUST only send to addresses explicitly provided by willing recipients."?
2012-04-24
14 Robert Sparks [Ballot Position Update] New position, Discuss, has been recorded for Robert Sparks
2012-04-24
14 Pete Resnick State changed to IESG Evaluation from Waiting for AD Go-Ahead
2012-04-24
14 Stewart Bryant [Ballot Position Update] New position, No Objection, has been recorded for Stewart Bryant
2012-04-24
14 (System) State changed to Waiting for AD Go-Ahead from In Last Call
2012-04-23
14 Ron Bonica [Ballot Position Update] New position, No Objection, has been recorded for Ronald Bonica
2012-04-23
14 Sean Turner
[Ballot discuss]
s5.2 bullet #2: Includes the following text:

  Therefore, as with any other
  message, Feedback Providers sending unsolicited reports SHOULD
  send …
[Ballot discuss]
s5.2 bullet #2: Includes the following text:

  Therefore, as with any other
  message, Feedback Providers sending unsolicited reports SHOULD
  send reports that will pass Sender Policy Framework ([RFC4408])
  and/or DomainKeys Identified Mail ([RFC6376]) checks.

If DKIM is the standards track solution and SPF is experimental shouldn't DKIM be the SHOULD and SPF be a MAY?
2012-04-23
14 Sean Turner [Ballot Position Update] New position, Discuss, has been recorded for Sean Turner
2012-04-23
14 Stephen Farrell
[Ballot comment]

Just a bunch of nitty comments. Feel free to take 'em or leave
'em.

5.1 (1) - this has a MUST but there's …
[Ballot comment]

Just a bunch of nitty comments. Feel free to take 'em or leave
'em.

5.1 (1) - this has a MUST but there's no well-defined/standard way to
satisfy the MUST, maybe make that an "ought"?

5.1 (2) - I think you mean that "they think will" pass SPF/DKIM checks,
since they can't be sure

5.2 (1) - "the receiver" is a bit ambiguous in the 1st sentence, maybe
s/the receiver/the report receiver/? (Or if handling is expensive for
both, then maybe say that.)

5.3 (1) - what does "SHOULD make" mean? Same comment as above for use
of SHOULD when there's no standard way to do it, i.e. maybe
s/SHOULD/ought/

5.5 (1) - is "bulk senders" at the end here ambiguous? I read it as
referring to the sender of the message(s) that triggered the report.

6 - what is a "smaller" AS or use-case? Do you mean fewer people will
do this or that its simpler?

6 - point (3), is the "MUST be constructed" there right? If everything
needed to satisfy this MUST is later in point 3, then you could say
"MUST be done as stated below" - as is, this looks like there's
something else needed to satisfy the MUST but you don't say what.

8.3 - this is a little terse, maybe point back at those recommendations
or say a bit more?

8.4 - might be better to say "larger volumes or higher frequency"

8.5 - I guess this means that report receivers ought not react to
missing reports as if something was wrong. Not sure if that's worth
noting explicitly or not.
2012-04-23
14 Stephen Farrell [Ballot Position Update] New position, No Objection, has been recorded for Stephen Farrell
2012-04-23
14 Benoît Claise
[Ballot discuss]
DISCUSS-DISCUSS

Abstract

  RFC 5965 defines an extensible, machine-readable format intended for
  mail operators to report feedback about received email to other …
[Ballot discuss]
DISCUSS-DISCUSS

Abstract

  RFC 5965 defines an extensible, machine-readable format intended for
  mail operators to report feedback about received email to other
  parties.  This Applicability Statement describes common methods for
  utilizing this format for reporting both abuse and authentication
  failure events.  Mailbox Providers of any size, mail sending
  entities, and end users can use these methods as a basis to create
  procedures that best suit them.  Some related optional mechanisms are
  also discussed.

Before reviewing this draft, I browsed through the 4 RFCs at http://datatracker.ietf.org/wg/marf/
Question: is this intentional that the abstract and the draft only mention the "abuse" and "auth-failure" Feedback Type Name, and not the others ones?
fraud [RFC5965]
not-spam [RFC6430]
virus [RFC5965]

Not a single reference to fraud, not-spam, virus, and [RFC6430]
I'm surprised not to see the full ARF capacities mentioned in a document titled "An Applicability Statement for the Abuse Reporting Format (ARF)", and would like to understand.
2012-04-23
14 Benoît Claise
[Ballot comment]
- I see a lot of sentences such as "... discussed in Section X of [RFC6449]."
And the only sentence in …
[Ballot comment]
- I see a lot of sentences such as "... discussed in Section X of [RFC6449]."
And the only sentence in the introduction related to that RFC is: "Further introduction to this topic may be found in [RFC6449]."
Some sentences explaining what this informational RFC is about would be very welcome.

- please expand SPF

- Section 5.2
"RFC5321.MailFrom" Doesn't read right to me in: "If a Feedback Provider applies SPF to arriving messages, a report
SHOULD NOT be generated to the RFC5321.MailFrom domain"
2012-04-23
14 Benoît Claise [Ballot Position Update] New position, Discuss, has been recorded for Benoit Claise
2012-04-22
14 Martin Stiemerling [Ballot Position Update] New position, No Objection, has been recorded for Martin Stiemerling
2012-04-22
14 Russ Housley [Ballot Position Update] New position, No Objection, has been recorded for Russ Housley
2012-04-20
14 Murray Kucherawy New version available: draft-ietf-marf-as-14.txt
2012-04-19
13 Jean Mahoney Request for Last Call review by GENART is assigned to Martin Thomson
2012-04-19
13 Jean Mahoney Request for Last Call review by GENART is assigned to Martin Thomson
2012-04-19
13 Brian Haberman
[Ballot comment]
I just have a few comments/suggestions/questions on a reasonably well-written document.

1. I am not a big fan of document sections that only …
[Ballot comment]
I just have a few comments/suggestions/questions on a reasonably well-written document.

1. I am not a big fan of document sections that only contain ordered lists of items.  At what point in the documentation process were you planning on changing the format of sections 4-7?

2. Section 6.2, bullet 2 - I think it would be clearer to change "Systems" to "Feedback Providers" in order to retain consistency with the remainder of the document.

3. Sections 4 & 5 give explicit guidance on the format of the reports to be sent/received when feedback is explicitly solicited. I don't see the same level of detail for unsolicited reports.  Are the messages semantically and syntactically the same?  If so, I would suggest creating a stand-alone section that describes the messages generation requirements and only add specific deltas in the more detailed sections.
2012-04-19
13 Brian Haberman [Ballot Position Update] New position, No Objection, has been recorded for Brian Haberman
2012-04-12
13 Jean Mahoney Request for Last Call review by GENART is assigned to Martin Thomson
2012-04-12
13 Jean Mahoney Request for Last Call review by GENART is assigned to Martin Thomson
2012-04-11
13 Samuel Weiler Request for Last Call review by SECDIR is assigned to Scott Kelly
2012-04-11
13 Samuel Weiler Request for Last Call review by SECDIR is assigned to Scott Kelly
2012-04-10
13 Pearl Liang
IESG:

IANA has reviewed draft-ietf-marf-as-13.txt, which is currently in Last
Call, and has the following comments:

We understand that this document doesn't require any …
IESG:

IANA has reviewed draft-ietf-marf-as-13.txt, which is currently in Last
Call, and has the following comments:

We understand that this document doesn't require any IANA actions.
2012-04-10
13 Barry Leiba [Ballot Position Update] New position, Yes, has been recorded for Barry Leiba
2012-04-10
13 Cindy Morgan Last call sent
2012-04-10
13 Cindy Morgan
State changed to In Last Call from Last Call Requested<br><br>The following Last Call Announcement was sent out:<br><br>From: The IESG <iesg-secretary@ietf.org><br><br>To: IETF-Announce …
State changed to In Last Call from Last Call Requested<br><br>The following Last Call Announcement was sent out:<br><br>From: The IESG <iesg-secretary@ietf.org><br><br>To: IETF-Announce <ietf-announce@ietf.org><br><br>CC: <marf@ietf.org><br><br>Reply-To: ietf@ietf.org<br><br>Subject: Last Call: <draft-ietf-marf-as-13.txt> (Creation and Use of Email Feedback Reports: An Applicability Statement for the Abuse Reporting Format (ARF)) to Proposed Standard<br><br><br><br><br><br>The IESG has received a request from the Messaging Abuse Reporting Format<br><br>WG (marf) to consider the following document:<br><br>- 'Creation and Use of Email Feedback Reports: An Applicability Statement<br><br>  for the Abuse Reporting Format (ARF)'<br><br>  <draft-ietf-marf-as-13.txt> as a Proposed Standard<br><br><br><br>The IESG plans to make a decision in the next few weeks, and solicits<br><br>final comments on this action. Please send substantive comments to the<br><br>ietf@ietf.org mailing lists by 2012-04-24. Exceptionally, comments may be<br><br>sent to iesg@ietf.org instead. In either case, please retain the<br><br>beginning of the Subject line to allow automated sorting.<br><br><br><br>Abstract<br><br><br><br><br><br>  RFC 5965 defines an extensible, machine-readable format intended for<br><br>  mail operators to report feedback about received email to other<br><br>  parties.  This Applicability Statement describes common methods for<br><br>  utilizing this format for reporting both abuse and authentication<br><br>  failure events.  Mailbox Providers of any size, mail sending<br><br>  entities, and end users can use these methods as a basis to create<br><br>  procedures that best suit them.  Some related optional mechanisms are<br><br>  also discussed.<br><br><br><br><br><br><br><br><br><br>The file can be obtained via<br><br>http://datatracker.ietf.org/doc/draft-ietf-marf-as/<br><br><br><br>IESG discussion can be tracked via<br><br>http://datatracker.ietf.org/doc/draft-ietf-marf-as/ballot/<br><br><br><br><br><br>No IPR declarations have been submitted directly on this I-D.<br><br><br><br>There is a downward reference to Informational document RFC 5598.<br><br>
2012-04-10
13 Pete Resnick Placed on agenda for telechat - 2012-04-26
2012-04-10
13 Pete Resnick Ballot has been issued
2012-04-10
13 Pete Resnick [Ballot Position Update] New position, Yes, has been recorded for Pete Resnick
2012-04-10
13 Pete Resnick Created "Approve" ballot
2012-04-10
13 Pete Resnick Last call was requested
2012-04-10
13 Pete Resnick State changed to Last Call Requested from AD Evaluation::AD Followup
2012-04-10
13 Pete Resnick Last call announcement was changed
2012-04-10
13 Pete Resnick Last call announcement was generated
2012-04-08
13 (System) Sub state has been changed to AD Followup from Revised ID Needed
2012-04-08
13 Murray Kucherawy New version available: draft-ietf-marf-as-13.txt
2012-04-03
12 Pete Resnick State changed to AD Evaluation::Revised ID Needed from AD Evaluation
2012-03-31
12 Pete Resnick Ballot approval text was generated
2012-03-30
12 Murray Kucherawy IETF state changed to Submitted to IESG for Publication from Waiting for WG Chair Go-Ahead
2012-03-30
12 Murray Kucherawy Annotation tag Revised I-D Needed - Issue raised by AD cleared.
2012-03-30
12 Murray Kucherawy Revised per Pete and Barry.
2012-03-30
12 Murray Kucherawy New version available: draft-ietf-marf-as-12.txt
2012-03-29
11 Murray Kucherawy IETF state changed to Waiting for WG Chair Go-Ahead from Submitted to IESG for Publication
2012-03-29
11 Murray Kucherawy Annotation tag Revised I-D Needed - Issue raised by AD set.
2012-03-27
11 Pete Resnick Ballot writeup was changed
2012-03-27
11 Pete Resnick Ballot writeup was generated
2012-03-27
11 Pete Resnick Last call announcement was generated
2012-03-08
11 Murray Kucherawy Pete requested reworking of the 2119 language.
2012-03-08
11 Pete Resnick State changed to AD Evaluation from Publication Requested
2012-03-05
11 Cindy Morgan
The MARF Working Group requests the publication of draft-ietf-marf-as as a Proposed Standard.

(1) What type of RFC is being requested (BCP, Proposed Standard,
Internet …
The MARF Working Group requests the publication of draft-ietf-marf-as as a Proposed Standard.

(1) What type of RFC is being requested (BCP, Proposed Standard,
Internet Standard, Informational, Experimental, or Historic)?  Why
is this the proper type of RFC?  Is this type of RFC indicated in the
title page header?

This document, aimed at Proposed Standard, is an Applicability Statement that covers typical MARF use cases.  It is meant to be used, and progressed along the Standards Track, alongside with the MARF base specification.  The title page specifies "Standards Track".

(2) The IESG approval announcement includes a Document Announcement
Write-Up. Please provide such a Document Announcement Write-Up. Recent
examples can be found in the "Action" announcements for approved
documents. The approval announcement contains the following sections:

Technical Summary

  RFC 5965 defines an extensible, machine-readable format intended for
  mail operators to report feedback about received email to other
  parties.  This Applicability Statement describes common methods for
  utilizing this format for reporting both abuse and authentication
  failure events.  Mailbox Providers of any size, mail sending
  entities, and end users can use these methods as a basis to create
  procedures that best suit them.  Some related optional mechanisms are
  also discussed.

Working Group Summary

  The primary contention point in the development of this document involved
  what and how much to include, striking a balance between an Applicability
  Statement and an "implementation cookbook".  Because we have limited
  recent experience with Applicability Statements, the participants were not
  sure what belongs in them, and what constitutes "too much detail" that's
  best left for other forms of documentation.
 
  In the end, the working group produced a version that most of the
  participants could be happy with, and the document as presented has the
  broad support of the MARF working group.

Document Quality

  This document reflects the current MARF implementations in the field,
  of which there are many.  That said, we do expect that it might be
  modified over time, as the MARF base specification itself matures along
  the Standards Track.

Personnel

  Barry Leiba is the document shepherd; Pete Resnick is the
  responsible AD. 

(3) Briefly describe the review of this document that was performed by
the Document Shepherd.  If this version of the document is not ready
for publication, please explain why the document is being forwarded to
the IESG.

I have reviewed the final version of the document in detail, and I believe it is ready for publication as a Proposed Standard.  (I also reviewed earlier versions, as it developed in the working group).

(4) Does the document Shepherd have any concerns about the depth or
breadth of the reviews that have been performed?

No concerns.

(5) Do portions of the document need review from a particular or from
broader perspective, e.g., security, operational complexity, AAA, DNS,
DHCP, XML, or internationalization? If so, describe the review that
took place.

No.

(6) Describe any specific concerns or issues that the Document Shepherd
has with this document that the Responsible Area Director and/or the
IESG should be aware of? For example, perhaps he or she is uncomfortable
with certain parts of the document, or has concerns whether there really
is a need for it. In any event, if the WG has discussed those issues and
has indicated that it still wishes to advance the document, detail those
concerns here.

No concerns.  The document has broad consensus in the working group, and is solid.

(7) Has each author confirmed that any and all appropriate IPR
disclosures required for full conformance with the provisions of BCP 78
and BCP 79 have already been filed. If not, explain why.

No IPR disclosures have been filed, and the editor is not aware of any IPR claims.  I have also asked the working group as a whole about IPR claims, and no one has come forward.

(8) Has an IPR disclosure been filed that references this document?
If so, summarize any WG discussion and conclusion regarding the IPR
disclosures.

See 7.

(9) How solid is the WG consensus behind this document? Does it
represent the strong concurrence of a few individuals, with others
being silent, or does the WG as a whole understand and agree with it?

There is broad consensus within the working group.  That said, relatively few participants remain active at this point, so that consensus consists of about a half dozen individuals.

(10) Has anyone threatened an appeal or otherwise indicated extreme
discontent? If so, please summarise the areas of conflict in separate
email messages to the Responsible Area Director. (It should be in a
separate email because this questionnaire is publicly available.)

No.

(11) Identify any ID nits the Document Shepherd has found in this
document. (See http://www.ietf.org/tools/idnits/ and the Internet-Drafts
Checklist). Boilerplate checks are not enough; this check needs to be
thorough.

None.

(12) Describe how the document meets any required formal review
criteria, such as the MIB Doctor, media type, and URI type reviews.

None required.

(13) Have all references within this document been identified as
either normative or informative?

Yes.

(14) Are there normative references to documents that are not ready for
advancement or are otherwise in an unclear state? If such normative
references exist, what is the plan for their completion?

No.

(15) Are there downward normative references references (see RFC 3967)?
If so, list these downward references to support the Area Director in the
Last Call procedure.

This document refers normatively to RFC 5598, "Internet Mail Architecture", which is Informational.

(16) Will publication of this document change the status of any
existing RFCs? Are those RFCs listed on the title page header, listed
in the abstract, and discussed in the introduction? If the RFCs are not
listed in the Abstract and Introduction, explain why, and point to the
part of the document where the relationship of this document to the
other RFCs is discussed. If this information is not in the document,
explain why the WG considers it unnecessary.

This document, as an Applicability Statement for the MARF base protocol, updates RFC 5965.  The Abstract and Introduction both explain the situation.

(17) Describe the Document Shepherd's review of the IANA considerations
section, especially with regard to its consistency with the body of the
document. Confirm that all protocol extensions that the document makes
are associated with the appropriate reservations in IANA registries.
Confirm that any referenced IANA registries have been clearly
identified. Confirm that newly created IANA registries include a
detailed specification of the initial contents for the registry, that
allocations procedures for future registrations are defined, and a
reasonable name for the new registry has been suggested (see RFC 5226).

There are no IANA actions in this document, and the IANA Considerations section says that.

(18) List any new IANA registries that require Expert Review for future
allocations. Provide any public guidance that the IESG would find
useful in selecting the IANA Experts for these new registries.

None.

(19) Describe reviews and automated checks performed by the Document
Shepherd to validate sections of the document written in a formal
language, such as XML code, BNF rules, MIB definitions, etc.

I've run the stuff through the standard idnits checker.  There is no ABNF and no other formal language in this document.
2012-03-05
11 Cindy Morgan State changed to Publication Requested from AD is watching
2012-03-05
11 Cindy Morgan Note added 'Barry Leiba (barryleiba@computer.org) is the document shepherd.'
2012-03-05
11 Barry Leiba IETF state changed to Submitted to IESG for Publication from WG Document
2012-03-05
11 Barry Leiba Changed protocol writeup
2012-03-02
11 Barry Leiba Sending to Re-Pete
2012-03-02
11 Murray Kucherawy New version available: draft-ietf-marf-as-11.txt
2012-02-24
10 Murray Kucherawy WGLC ends March 2, 2012
2012-02-24
10 Murray Kucherawy IETF state changed to In WG Last Call from WG Document
2012-02-23
10 (System) New version available: draft-ietf-marf-as-10.txt
2012-02-15
09 (System) New version available: draft-ietf-marf-as-09.txt
2012-02-14
10 Murray Kucherawy Recycling
2012-02-14
10 Murray Kucherawy IETF state changed to WG Document from In WG Last Call
2012-02-10
08 (System) New version available: draft-ietf-marf-as-08.txt
2012-02-07
07 (System) New version available: draft-ietf-marf-as-07.txt
2012-02-05
06 (System) New version available: draft-ietf-marf-as-06.txt
2012-01-31
10 Barry Leiba Working-group last call ends 10 Feb 2012.
2012-01-31
10 Barry Leiba IETF state changed to In WG Last Call from WG Document
2012-01-31
05 (System) New version available: draft-ietf-marf-as-05.txt
2012-01-25
04 (System) New version available: draft-ietf-marf-as-04.txt
2012-01-23
03 (System) New version available: draft-ietf-marf-as-03.txt
2011-12-28
02 (System) New version available: draft-ietf-marf-as-02.txt
2011-12-21
01 (System) New version available: draft-ietf-marf-as-01.txt
2011-09-13
10 Pete Resnick Draft added in state AD is watching
2011-09-01
00 (System) New version available: draft-ietf-marf-as-00.txt