<?xml version="1.0" encoding="UTF-8"?><?xml-stylesheet type="text/xsl" href="rfc2629.xslt" ?> <!-- generated by https://github.com/cabo/kramdown-rfc version 1.6.23 (Ruby 2.6.10) --><!DOCTYPE rfc [ <!ENTITY nbsp " "> <!ENTITY zwsp "​"> <!ENTITY nbhy "‑"> <!ENTITY wj "⁠"> ]> <rfc xmlns:xi="http://www.w3.org/2001/XInclude" ipr="trust200902" docName="draft-benecke-cfbl-address-header-13"category="exp"number="9477" submissionType="independent" category="exp" tocInclude="true" sortRefs="true"symRefs="true">symRefs="true" updates="" obsoletes="" xml:lang="en" version="3"> <!-- xml2rfc v2v3 conversion 3.17.1 --> <front> <title abbrev="CFBL Address Header">Complaint Feedback Loop Address Header</title> <seriesInfo name="RFC" value="9477"/> <author initials="J." surname="Benecke" fullname="Jan-Philipp Benecke"> <organization>CleverReach GmbH & Co. KG</organization> <address> <postal> <street>Schafjueckenweg 2</street> <city>Rastede</city> <code>26180</code> <country>Germany</country> </postal> <phone>+49 4402 97390-16</phone> <email>jpb@cleverreach.com</email> </address> </author> <date year="2023"month="May" day="07"/> <area>art</area> <workgroup>Network Working Group</workgroup> <keyword>Internet-Draft</keyword>month="September"/> <keyword>example</keyword> <abstract> <t>This document describes a method that allows a Message Originator to specify acomplaint feedback loop (FBL)Complaint Feedback Loop (CFBL) address as a message header field.Also, itIt also defines the rules for processing and forwarding such a complaint. The motivation for this arises out of the absence of a standardized and automated way to provide Mailbox Providers with an address for acomplaint feedback loop.CFBL. Currently, providing and maintaining such an address is a manual and time-consuming process for Message Originators and Mailbox Providers.</t> <t>The mechanism specified in this document is being published as anexperiment,experiment togauge interest of, andgather feedbackfromand gauge the interest of implementers and deployers. This document is produced through the Independent RFCstreamStream and was not subject to the IETF's approval process.</t> </abstract> </front> <middle> <sectionanchor="introduction-and-motivation"><name>Introductionanchor="introduction-and-motivation"> <name>Introduction and Motivation</name> <t>This memo extends thecomplaint feedback loopCFBL recommendations described in{!RFC6449}}<xref target="RFC6449"/> with an automated way to provide the necessary information by the Message Originator to Mailbox Providers. The reader should be familiar with the terminology and concepts in thatdocument; termsdocument. Terms beginning with capital letters used in this memo are described in that document.</t> <t>As described in <xref target="RFC6449"/>, the registration for such acomplaint feedback loopCFBL needs to be done manually by a human at any Mailbox Providerwhothat provides acomplaint feedback loop.CFBL. The key underpinning of <xref target="RFC6449"/> is that access to thecomplaint feedback loopCFBL is aprivilege,privilege andthatMailbox Providers are not prepared to send feedback to anyone they cannot reasonably believe are legitimate. However, manual registration and management can be quite time-consuming if there are new feedback loops risingup,up or if the Message Originator wants to add new IP addresses,DKIM domainsDomainKeys Identified Mail (DKIM) domains, or change their complaint address. In addition, a manual process is not well suitedand/oror feasible for smaller Mailbox Providers.</t><t>Here<t>Here, we propose that Message Originators add a header field without the need to manually register with each FeedbackProvider,Provider andthatwilling Mailbox Providers can use it to send the Feedback Messages to the specified complaint address. This simplification or extension of a manual registration and verification process would be another advantage for the Mailbox Providers.</t> <t>A new message header field, rather than a new DNS record, was chosen to easily distinguish between multiple Message Originators without requiring user or administrator intervention. For example, if a company uses multiple systems, each system can set this header field on its own without requiring users or administrators to make any changes to their DNS. No additional DNS lookup is required of the Mailbox Provider side to obtain the complaint address.</t> <t>The proposed mechanism is capable of being operated in compliance withthedata privacylaws e.g. GDPRlaws, e.g., the EU's General Data Protection Regulation (GDPR) orCCPA.the California Consumer Privacy Act (CCPA). As described in <xreftarget="data-privacy"></xref>,target="data-privacy"/>, a Feedback Message may contain personaldata, thisdata. This document describes a way to omit this personal data when sending the Feedback Message and only send back a header field.</t> <t>Nevertheless, the described mechanism below potentially permits a kind ofman-in-the-middleperson-in-the-middle attack between the domain owner and the recipient. A bad actor can generate forged reports to be "from" a domain name the bad actor is attacking and sendthisthese reports to thecomplaint feedback loopCFBL address. These fake messages can result in a number of actions, such as blockingofaccounts or deactivating recipient addresses. This potential harm and others are described with potential countermeasures in <xreftarget="security-considerations"></xref>.</t>target="security-considerations"/>.</t> <t>In summary, this document has the following objectives:</t><t><list style="symbols"> <t>Allow<ul spacing="normal"> <li>Allow Message Originators to signal that a complaint address exists without requiring manual registration with allproviders.</t> <t>Allowproviders.</li> <li>Allow Mailbox Providers to obtain a complaint address without developing their own manual registrationprocess.</t> <t>Be ableprocess.</li> <li>Have the ability to provide a complaint address to smaller Mailbox Providers who do not have a feedback loop inplace</t> <t>Provideplace</li> <li>Provide a data privacy safe option for acomplaint feedback loop.</t> </list></t>CFBL.</li> </ul> <sectionanchor="scope-of-this-experiment"><name>Scopeanchor="scope-of-this-experiment"> <name>Scope of this Experiment</name> <t>The CFBL-Address header field and the CFBL-Feedback-ID header field comprise an experiment. Participation in this experiment consists of adding the CFBL-Address header field on the MessageOriginatorsOriginator side or by using the CFBL-Address header field to send Feedback Messages to the provided address on the Mailbox Provider side. Feedback on the results of this experiment can be emailed to the author, raised as an issue athttps://github.com/jpbede/rfc-cfbl-address-header/<eref brackets="angle" target="https://github.com/jpbede/rfc-cfbl-address-header/"></eref>, or can be emailed to the IETF cfbl mailing list (cfbl@ietf.org).</t> <t>The goal of this experiment is to answer the following questions based on real-world deployments:</t><t><list style="symbols"> <t>Is<ul spacing="normal"> <li>Is there interest among MessageOriginatorOriginators and MailboxProviders?</t> <t>IfProviders?</li> <li>If the Mailbox Provider adds this capability, will it be used by the MessageOriginators?</t> <t>IfOriginators?</li> <li>If the Message Originator adds this capability, will it be used by the MailboxProviders?</t> <t>DoesProviders?</li> <li>Does the presence of the CFBL-Address and CFBL-Feedback-ID headerfieldfields introduce additional securityissues?</t> <t>Whatissues?</li> <li>What additional security measures/checks need to be performed at the Mailbox Provider before a Feedback Message issent?</t> <t>Whatsent?</li> <li>What additional security measures/checks need to be performed at the Message Originator after a Feedback Message isreceived?</t> </list></t>received?</li> </ul> <t>This experiment will be considered successful if the CFBL-Address header field is used by a leading Mailbox Provider and by at least two Message Originators within the next twoyears andyears. It will also be considered a success if these parties successfully use the address specified in the header field to exchange Feedback Messages.</t> <t>If this experiment is successful and these header fields prove to be valuable and popular, the header fields may be taken to the IETF for further discussion and revision.</t> </section> <sectionanchor="how-cfbl-differs-from-one-click-unsubscribe"><name>Howanchor="how-cfbl-differs-from-one-click-unsubscribe"> <name>How CFBLdiffersDiffers from One-Click-Unsubscribe</name> <t>For good reasons, the One-Click-Unsubscribe <xref target="RFC8058"/> signaling alreadyexists, whichexists and may have several interests in common with this document. However, this header field requires the List-Unsubscribe headerfield, whosefield. The purpose of this header field is to provide the link to unsubscribe from a list. For this reason, this header field is only used by operators of broadcast marketing lists or mailinglists,lists and not in normal email traffic.</t> </section> </section> <sectionanchor="definitions"><name>Definitions</name> <t>Theanchor="definitions"> <name>Conventions Used in This Document</name> <t> The key words"MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY","<bcp14>MUST</bcp14>", "<bcp14>MUST NOT</bcp14>", "<bcp14>REQUIRED</bcp14>", "<bcp14>SHALL</bcp14>", "<bcp14>SHALL NOT</bcp14>", "<bcp14>SHOULD</bcp14>", "<bcp14>SHOULD NOT</bcp14>", "<bcp14>RECOMMENDED</bcp14>", "<bcp14>NOT RECOMMENDED</bcp14>", "<bcp14>MAY</bcp14>", and"OPTIONAL""<bcp14>OPTIONAL</bcp14>" in this document are to be interpreted as described inBCP 14BCP 14 <xref target="RFC2119"/> <xref target="RFC8174"/> when, and only when, they appear in all capitals, as shownhere.</t> <t>The key word "CFBL" inhere. </t> <t>In thisdocumentdocument, "CFBL" is the abbreviation for"complaint feedback loop""Complaint Feedback Loop" and will hereafter be used.</t> <t>Syntax descriptions use ABNF <xref target="RFC5234"/> <xref target="RFC7405"/>.</t> </section> <sectionanchor="requirements"><name>Requirements</name>anchor="requirements"> <name>Requirements</name> <sectionanchor="received-message"><name>Receivedanchor="received-message"> <name>Received Message</name> <t>This section describes the requirements that must be met for the following: a received message, the message that is sent from the Message Originator to the MailboxProviderProvider, andabout whicha report that is to be sentlater, must meet.</t>later.</t> <sectionanchor="strict"><name>Strict</name>anchor="strict"> <name>Strict</name> <t>If the domain in the<xref target="RFC5322"/>.FromRFC5322.From and the domain in the CFBL-Address headerfieldfields are identical, this domainMUST<bcp14>MUST</bcp14> be matched by a valid <xreftarget="DKIM"/>target="RFC6376"/> signature. In this case, the DKIM "d=" parameter and the<xref target="RFC5322"/>.FromRFC5322.From field have identical domains. This signatureMUST<bcp14>MUST</bcp14> meet the requirements described in <xreftarget="received-message-dkim-signature"></xref>.</t>target="received-message-dkim-signature"/>.</t> <t>The following example meets this case:</t><figure><artwork><![CDATA[<artwork><![CDATA[ Return-Path: <sender@mailer.example.com> From: Awesome Newsletter <newsletter@example.com> To: receiver@example.org Subject: Super awesome deals for you CFBL-Address: fbl@example.com; report=arf Message-ID: <a37e51bf-3050-2aab-1234-543a0828d14a@mailer.example.com> Content-Type: text/plain; charset=utf-8 DKIM-Signature: v=1; a=rsa-sha256; d=example.com; s=news; h=Subject:From:To:Message-ID:CFBL-Feedback-ID:CFBL-Address; This is a super awesome newsletter.]]></artwork></figure>]]></artwork> </section> <sectionanchor="relaxed"><name>Relaxed</name>anchor="relaxed"> <name>Relaxed</name> <t>If the domain in CFBL-Address header field is a child domain of RFC5322.From, the<xref target="RFC5322"/>.From, the <xref target="RFC5322"/>.FromRFC5322.From domainMUST<bcp14>MUST</bcp14> be matched by a valid <xreftarget="DKIM"/>target="RFC6376"/> signature. In this case, the DKIM "d=" parameter and the<xref target="RFC5322"/>.FromRFC5322.From domain haveaan identical (Example 1) or parent (Example 2) domain. This signatureMUST<bcp14>MUST</bcp14> meet the requirements described in <xreftarget="received-message-dkim-signature"></xref>.</t>target="received-message-dkim-signature"/>.</t> <t>Example 1:</t><figure><artwork><![CDATA[<artwork><![CDATA[ Return-Path: <sender@mailer.example.com> From: Awesome Newsletter <newsletter@mailer.example.com> To: receiver@example.org Subject: Super awesome deals for you CFBL-Address: fbl@mailer.example.com; report=arf Message-ID: <a37e51bf-3050-2aab-1234-543a0828d14a@mailer.example.com> Content-Type: text/plain; charset=utf-8 DKIM-Signature: v=1; a=rsa-sha256; d=example.com; h=Content-Type:Subject:From:To:Message-ID: CFBL-Feedback-ID:CFBL-Address; This is a super awesome newsletter.]]></artwork></figure>]]></artwork> <t>Example 2:</t><figure><artwork><![CDATA[<artwork><![CDATA[ Return-Path: <sender@mailer.example.com> From: Awesome Newsletter <newsletter@example.com> To: receiver@example.org Subject: Super awesome deals for you CFBL-Address: fbl@mailer.example.com; report=arf Message-ID: <a37e51bf-3050-2aab-1234-543a0828d14a@mailer.example.com> Content-Type: text/plain; charset=utf-8 DKIM-Signature: v=1; a=rsa-sha256; d=example.com; h=Content-Type:Subject:From:To:Message-ID: CFBL-Feedback-ID:CFBL-Address; This is a super awesome newsletter.]]></artwork></figure>]]></artwork> </section> <sectionanchor="third-party-address"><name>Thirdanchor="third-party-address"> <name>Third Party Address</name> <t>If the domain in<xref target="RFC5322"/>.FromRFC5322.From differs from the domain in the CFBL-Address header field, an additional valid <xreftarget="DKIM"/>target="RFC6376"/> signatureMUST<bcp14>MUST</bcp14> be added that matches the domain in the CFBL-Address header field. The other existing valid <xreftarget="DKIM"/>target="RFC6376"/> signatureMUST<bcp14>MUST</bcp14> match the domain in the<xref target="RFC5322"/>.FromRFC5322.From header field. This double DKIM signature ensures thatboth,both the domain owner of the<xref target="RFC5322"/>.FromRFC5322.From domain and the domain owner of the CFBL-Addressdomain,domain agree on who should receive the Feedback Messages. Bothsignature MUSTsignatures <bcp14>MUST</bcp14> meet the requirements described in <xreftarget="received-message-dkim-signature"></xref>.</t>target="received-message-dkim-signature"/>.</t> <t>The following example meets this case:</t><figure><artwork><![CDATA[<artwork><![CDATA[ Return-Path: <sender@saas-mailer.example> From: Awesome Newsletter <newsletter@example.com> To: receiver@example.org Subject: Super awesome deals for you CFBL-Address: fbl@saas-mailer.example; report=arf Message-ID: <a37e51bf-3050-2aab-1234-543a0828d14a@example.com> Content-Type: text/plain; charset=utf-8 DKIM-Signature: v=1; a=rsa-sha256; d=saas-mailer.example; s=system; h=Subject:From:To:Message-ID:CFBL-Feedback-ID:CFBL-Address; DKIM-Signature: v=1; a=rsa-sha256; d=example.com; s=news; h=Subject:From:To:Message-ID:CFBL-Feedback-ID:CFBL-Address; This is a super awesome newsletter.]]></artwork></figure>]]></artwork> <t>An Email Service Provider may accept pre-signed messages from its Message Authors, making it impossible for it to apply the double signature describedabove,above; inwhich casethis case, the double signatureMUST BE<bcp14>MUST</bcp14> be omitted and the Email Service ProviderMUST<bcp14>MUST</bcp14> sign with its domain. Therefore, the pre-signed messageMUST NOT<bcp14>MUST NOT</bcp14> include "CFBL-Address" and "CFBL-Feedback-ID" in itsh="h=" tag.</t> <t>Thiswayway, the Email Service Provider has the possibility to accept the pre-signed messages and can inject their own CFBL-Address.</t> <t>The following example meets this case:</t><figure><artwork><![CDATA[<artwork><![CDATA[ Return-Path: <newsletter@example.com> From: Awesome Newsletter <newsletter@example.com> To: receiver@example.org Subject: Super awesome deals for you CFBL-Address: fbl@saas-mailer.example; report=arf Message-ID: <a37e51bf-3050-2aab-1234-543a0828d14a@example.com> Content-Type: text/plain; charset=utf-8 DKIM-Signature: v=1; a=rsa-sha256; d=example.com; s=news; h=Subject:From:To:Message-ID; DKIM-Signature: v=1; a=rsa-sha256; d=saas-mailer.example; s=system; h=Subject:From:To:Message-ID:CFBL-Feedback-ID:CFBL-Address; This is a super awesome newsletter.]]></artwork></figure>]]></artwork> </section> <sectionanchor="received-message-dkim-signature"><name>DKIManchor="received-message-dkim-signature"> <name>DKIM Signature</name> <t>When present, CFBL-Address and CFBL-Feedback-ID header fieldsMUST<bcp14>MUST</bcp14> be included in the "h=" tag of the aforementioned valid DKIM signature.</t> <t>If the domain isneithernot matched by a valid DKIM signaturenoror the header field is not covered by the "h=" tag, the Mailbox ProviderSHALL NOT<bcp14>SHALL NOT</bcp14> send a report message.</t> </section> </section> <sectionanchor="multiple-cfbl-address-header-fields"><name>Multipleanchor="multiple-cfbl-address-header-fields"> <name>Multiple CFBL-Address Header Fields</name> <t>A Message can contain multiple CFBL-Address header fields. These multiple header fieldsMUST<bcp14>MUST</bcp14> be treated as a list ofreceive report addresses so thataddresses, eachaddress canof which should receive a report.</t> </section> <sectionanchor="cfbl-feedback-id-header-field"><name>CFBL-Feedback-IDanchor="cfbl-feedback-id-header-field"> <name>CFBL-Feedback-ID Header Field</name> <t>The Message OriginatorMAY<bcp14>MAY</bcp14> include a CFBL-Feedback-ID header field in its messagesout offor various reasons,e.g.e.g., their feedback loop processing system can't do anything with the Message-ID header field.</t> <t>It isRECOMMENDED<bcp14>RECOMMENDED</bcp14> that the header field include ahard to forgehard-to-forge protectioncomponentcomponent, such as an <xreftarget="HMAC"/>target="RFC2104"/> using a secret key, instead of aplain-textplaintext string.</t> </section> <sectionanchor="receiving-report-address"><name>Receivinganchor="receiving-report-address"> <name>Receiving Report Address</name> <t>The receiving report address provided in the CFBL-Address header fieldMUST<bcp14>MUST</bcp14> accept <xreftarget="ARF"/>target="RFC5965"/> reports.</t><t>The<t>It is <bcp14>OPTIONAL</bcp14> for the Message Originatorcan OPTIONALLYto request a <xref target="XARF"/> report, as described in <xreftarget="xarf-report"></xref>.</t>target="xarf-report"/>.</t> </section> <sectionanchor="complaint-report"><name>Feedbackanchor="complaint-report"> <name>Feedback Message</name> <t>The Feedback Message (sent by Mailbox Provider to the address provided in the CFBL-Address header field)MUST<bcp14>MUST</bcp14> have a valid <xreftarget="DKIM"/>target="RFC6376"/> signature. This signatureMUST<bcp14>MUST</bcp14> match the<xref target="RFC5322"/>.FromRFC5322.From domain of the Feedback Message.</t> <t>If the message does not have the required valid <xreftarget="DKIM"/>target="RFC6376"/> signature, the Message OriginatorSHALL NOT<bcp14>SHALL NOT</bcp14> process this Feedback Message.</t> <t>The Feedback MessageMUST<bcp14>MUST</bcp14> beaan <xreftarget="ARF"/>target="RFC5965"/> or <xref target="XARF"/> report. If the Message Originator requests it (described in <xreftarget="xarf-report"></xref>),target="xarf-report"/>) and it is technically possible for the Mailbox Provider to do so, the Feedback MessageMUST<bcp14>MUST</bcp14> be a <xref target="XARF"/>report, otherwisereport. Otherwise, the Feedback MessageMUST<bcp14>MUST</bcp14> beaan <xreftarget="ARF"/>target="RFC5965"/> report.</t> <t>The third MIME part of the <xreftarget="ARF"/>target="RFC5965"/> or the "Samples" section of the <xref target="XARF"/> reportMUST<bcp14>MUST</bcp14> contain the Message-ID <xreftarget="MAIL"/>target="RFC5322"/> of the received message. If present, the CFBL-Feedback-ID header field"CFBL-Feedback-ID"of the received messageMUST<bcp14>MUST</bcp14> be addedadditionallyto the third MIME part of the <xreftarget="ARF"/>target="RFC5965"/> or to the "Samples" section of the <xref target="XARF"/> report.</t> <t>The Mailbox ProviderMAY<bcp14>MAY</bcp14> omit orredact, as described in <xref target="RFC6590"/>,redact all further header fields and/or body to comply with anydata-regulation laws.</t>data regulation laws as described in <xref target="RFC6590"/>.</t> <sectionanchor="xarf-report"><name>XARFanchor="xarf-report"> <name>XARF Report</name> <t>A Message Originator wishing to receive a <xref target="XARF"/> reportMUST<bcp14>MUST</bcp14> append "report=xarf" to the<xref target="cfbl-address-header-field">CFBL-AddressCFBL-Address headerfield</xref>.field (<xref target="cfbl-address-header-field"/>). The report parameter is separated from the report address by a ";".</t> <t>The resulting header field wouldlook like the following:</t> <figure><artwork><![CDATA[appear as shown below.</t> <artwork><![CDATA[ CFBL-Address: fbl@example.com; report=xarf]]></artwork></figure>]]></artwork> </section> </section> </section> <sectionanchor="implementation"><name>Implementation</name>anchor="implementation"> <name>Implementation</name> <sectionanchor="message-originator"><name>Messageanchor="message-originator"> <name>Message Originator</name> <t>A Message Originator who wishes to use this new mechanism to receive Feedback MessagesMUST<bcp14>MUST</bcp14> include a CFBL-Address header field in their messages.</t> <t>It isRECOMMENDED<bcp14>RECOMMENDED</bcp14> that these Feedback Messages be processed automatically. Each Message Originator must decide for themselves what action to take after receiving a Feedback Message.</t> <t>The Message OriginatorMUST<bcp14>MUST</bcp14> take action to address the described requirements in <xreftarget="requirements"></xref>.</t>target="requirements"/>.</t> </section> <sectionanchor="mailbox-provider"><name>Mailboxanchor="mailbox-provider"> <name>Mailbox Provider</name> <t>A Mailbox Provider who wants to collect user actions that indicate the message was not wanted and to send a Feedback Message to the MessageOriginator, they MAYOriginator <bcp14>MAY</bcp14> query the CFBL-Address header field and forward the report to the providedcomplaint feedback loopCFBL address.</t> <t>The Mailbox ProviderMUST<bcp14>MUST</bcp14> validate the DKIM requirements of the receivedMessagemessage described in <xreftarget="received-message"></xref>target="received-message"/> andMUST<bcp14>MUST</bcp14> take action to address the requirements described in <xreftarget="complaint-report"></xref>target="complaint-report"/> when sending Feedback Messages.</t> </section> </section> <sectionanchor="header-field-syntax"><name>Headeranchor="header-field-syntax"> <name>Header Field Syntax</name> <sectionanchor="cfbl-address-header-field"><name>CFBL-Address</name>anchor="cfbl-address-header-field"> <name>CFBL-Address</name> <t>The following ABNF imports the rules for fields, CFWS,CRLFCRLF, and addr-spec from <xreftarget="MAIL"/>.target="RFC5322"/>. Implementations of the CFBL-Address header fieldMUST<bcp14>MUST</bcp14> comply with <xref target="RFC6532"/>.</t><figure><sourcecode<sourcecode type="abnf"><![CDATA[ fields =/ cfbl-address cfbl-address = "CFBL-Address:" CFWS addr-spec [";" CFWS report-format] CRLF report-format = %s"report=" (%s"arf" / %s"xarf")]]></sourcecode></figure>]]></sourcecode> </section> <sectionanchor="cfbl-feedback-id"><name>CFBL-Feedback-ID</name>anchor="cfbl-feedback-id"> <name>CFBL-Feedback-ID</name> <t>The following ABNF imports the rules for fields, WSP,CRLFCRLF, and atext from <xreftarget="MAIL"/>.</t> <figure><sourcecodetarget="RFC5322"/>.</t> <sourcecode type="abnf"><![CDATA[ fields =/ cfbl-feedback-id cfbl-feedback-id = "CFBL-Feedback-ID:" CFWS fid CRLF fid = 1*(atext / ":" / CFWS)]]></sourcecode></figure> <t>Whitespace]]></sourcecode> <t>Empty space is ignored in the fid value andMUST<bcp14>MUST</bcp14> be ignored when reassembling the originalfeedback id.<br />feedback-id.<br/> In particular,when adding the header fieldthe Message Originator can safely insert CFWS in the fid value in arbitrary places to conform toline-length limits.</t>line length limits when adding the header field.</t> </section> </section> <sectionanchor="security-considerations"><name>Securityanchor="security-considerations"> <name>Security Considerations</name> <t>This section discusses possible securityissues, and their possible solutions,issues of acomplaint feedback loop addressCFBL-Address headerfield.</t>field and their solutions.</t> <sectionanchor="attacks-on-the-feedback-loop-address"><name>Attacksanchor="attacks-on-the-feedback-loop-address"> <name>Attacks on the Feedback Loop Address</name> <t>Like any other email address, acomplaint feedback loopCFBL address can be an attack vector for malicious messages. For example,complaint feedback loopCFBL addresses can be flooded with spam. This is an existing problem with any existing email address and is not created by this document.</t> </section> <sectionanchor="automatic-suspension-of-an-account"><name>Automaticanchor="automatic-suspension-of-an-account"> <name>Automatic Suspension of an Account</name> <t>Receiving a Feedback Message regarding a Message Author can cause the Message Author to be unreachable if an automatic account suspension occurs too quickly.An example:For example, someone sends an invitation to theirfriends. For some reason,friends, and someone else marks this message asspam.</t> <t>Now, if there is too fastspam for some reason.</t> <t>If automatic accountsuspension,suspension is too fast, the Message Author's account will be blocked and the Message Author will not be able to access their emails oris able tosend further messages, depending on the account suspension the Message Originator has chosen.</t> <t>Message Originators must take appropriate measures to preventtoo fastaccountsuspensions.suspensions that happen too fast. Therefore, Message Originatorsthereforehave--- mostly proprietary--- ways to assess the trustworthiness of an account. For example, Message Originators may take into account the age of the account and/or any previous account suspension before suspending an account.</t> </section> <sectionanchor="enumeration-attacks-provoking-unsubscription"><name>Enumerationanchor="enumeration-attacks-provoking-unsubscription"> <name>Enumeration Attacks / Provoking Unsubscription</name> <t>A malicious person may send a series of spoofedARFAbuse Reporting Format (ARF) messages to knowncomplaint feedback loopCFBL addresses and attempt to guess aMessage-ID/CFBL-Feedback-IDMessage-ID / CFBL-Feedback-ID or any other identifiers. The malicious person may attempt to mass unsubscribe/suspend if such an automated system is in place. This is also an existing problem with the current feedback loop implementation and/or One-Click Unsubscription <xref target="RFC8058"/>.</t> <t>The Message Originator must take appropriatemeasures, a countermeasure would be, thatmeasures. For example, the CFBL-Feedback-ID headerfield, if used,field (if used) can use a hard-to-forgecomponentcomponent, such asaan <xreftarget="HMAC"/>target="RFC2104"/> with a secretkeykey, instead of a plaintextstringstring, to make an enumeration attack impossible.</t> </section> <sectionanchor="data-privacy"><name>Dataanchor="data-privacy"> <name>Data Privacy</name> <t>The provision of such a header field itself does not pose a data privacy issue. The resulting ARF/XARF report sent by the Mailbox Provider to the Message Originator may violate a data privacy law because it may contain personal data.</t> <t>This document already addresses some parts of this problem and describes adata privacy safeway to send a FeedbackMessage.Message that keeps data privacy safe. As described in <xreftarget="complaint-report"></xref>,target="complaint-report"/>, the Mailbox Provider can omit the entire body and/or header field and send only the required fields. As recommended in <xref target="RFC6590"/>, the Mailbox Provider can also redact the data in question. Nevertheless, each Mailbox Provider must consider for itself whether this implementation is acceptable and complies with existing data privacy laws in their country.</t> <t>As described in Sections <xreftarget="complaint-report"></xref>target="complaint-report" format="counter"/> andin<xreftarget="cfbl-feedback-id-header-field"></xref>,target="cfbl-feedback-id-header-field" format="counter"/>, it is also stronglyRECOMMENDED<bcp14>RECOMMENDED</bcp14> that the Message-IDand, if used, the CFBL-Feedback-ID.and CFBL-Feedback-ID (if used) contain a component that is difficult to forge, such asaan <xreftarget="HMAC"/>target="RFC2104"/> that uses a secret key, rather than a plaintext string. See <xreftarget="hmac-example"></xref>target="hmac-example"/> for an example.</t> </section> <sectionanchor="abusing-for-validity-and-existence-queries"><name>Abusinganchor="abusing-for-validity-and-existence-queries"> <name>Abusing for Validity and Existence Queries</name> <t>This mechanism could be abused to determine the validity and existence of an email address,which exhibitsexhibiting another potential data privacy issue.Now, ifIf the Mailbox Provider has an automatic process to generate a Feedback Message for a received message, it may not be doing the mailbox owner any favors. As the Mailbox Providernowgenerates an automatic Feedback Message for the received message, the Mailbox Providernowproves to the Message Originator that this mailbox exists forsure,sure because it is based on a manual action of the mailbox owner.</t> <t>The receiving Mailbox Provider must take appropriate measures. One possible countermeasure couldbe, for example,be pre-existing reputationdata, usuallydata (usually proprietarydata.data), for example. Using this data, the Mailbox Provider can assess the trustworthiness of a Message Originator and decide whether to send a Feedback Message based on this information.</t> </section> </section> <sectionanchor="iana-considerations"><name>IANAanchor="iana-considerations"> <name>IANA Considerations</name> <sectionanchor="cfbl-address"><name>CFBL-Address</name> <t>The IANA is requested to registeranchor="cfbl-address"> <name>CFBL-Address</name> <t>IANA has registered a new header field, per <xref target="RFC3864"/>,intoin the "Provisional Message Header Field Names" registry:</t><figure><sourcecode type="abnf"><![CDATA[ Header field name: CFBL-Address Applicable protocol: mail Status: provisional Author/Change controller: Jan-Philipp<dl> <dt>Header Field Name:</dt><dd>CFBL-Address</dd> <dt>Protocol:</dt><dd>mail</dd> <dt>Status:</dt><dd></dd> <dt>Author/Change controller:</dt><dd>Jan-Philipp Benecke<jpb@cleverreach.com> Specification document: this document ]]></sourcecode></figure><jpb@cleverreach.com></dd> <dt>Reference:</dt><dd>RFC 9477</dd> </dl> </section> <sectionanchor="cfbl-feedback-id-1"><name>CFBL-Feedback-ID</name> <t>The IANA is requested to registeranchor="cfbl-feedback-id-1"> <name>CFBL-Feedback-ID</name> <t>IANA has registered a new header field, per <xref target="RFC3864"/>,intoin the "Provisional Message Header Field Names" registry:</t><figure><sourcecode type="abnf"><![CDATA[ Header field name: CFBL-Feedback-ID Applicable protocol: mail Status: provisional Author/Change controller: Jan-Philipp<dl> <dt>Header Field Name:</dt><dd>CFBL-Feedback-ID</dd> <dt>Protocol:</dt><dd>mail</dd> <dt>Status:</dt><dd></dd> <dt>Author/Change controller:</dt><dd>Jan-Philipp Benecke<jpb@cleverreach.com> Specification document: this document ]]></sourcecode></figure><jpb@cleverreach.com></dd> <dt>Reference:</dt><dd>RFC 9477</dd> </dl> </section> </section> <sectionanchor="examples"><name>Examples</name>anchor="examples"> <name>Examples</name> <t>Forsimplicitysimplicity, the DKIM header field has been shortened, and some tags have been omitted.</t> <sectionanchor="simple"><name>Simple</name>anchor="simple"> <name>Simple</name> <t>Email about the report will be generated:</t><figure><artwork><![CDATA[<artwork><![CDATA[ Return-Path: <sender@mailer.example.com> From: Awesome Newsletter <newsletter@example.com> To: me@example.net Subject: Super awesome deals for you CFBL-Address: fbl@example.com; report=arf CFBL-Feedback-ID: 111:222:333:4444 Message-ID: <a37e51bf-3050-2aab-1234-543a0828d14a@mailer.example.com> Content-Type: text/plain; charset=utf-8 DKIM-Signature: v=1; a=rsa-sha256; d=example.com; s=news; h=Subject:From:To:Message-ID:CFBL-Feedback-ID:CFBL-Address; This is a super awesome newsletter.]]></artwork></figure>]]></artwork> <t>Resulting ARF report:</t><figure><artwork><![CDATA[<artwork><![CDATA[ ------=_Part_240060962_1083385345.1592993161900 Content-Type: message/feedback-report Content-Transfer-Encoding: 7bit Feedback-Type: abuse User-Agent: FBL/0.1 Version: 0.1 Original-Mail-From: sender@mailer.example.com Arrival-Date: Tue, 23 Jun 2020 06:31:38 GMT Reported-Domain: example.com Source-IP: 192.0.2.1 ------=_Part_240060962_1083385345.1592993161900 Content-Type: text/rfc822; charset=UTF-8 Content-Transfer-Encoding: 7bit Return-Path: <sender@mailer.example.com> From: Awesome Newsletter <newsletter@example.com> To: me@example.net Subject: Super awesome deals for you CFBL-Address: fbl@example.com; report=arf CFBL-Feedback-ID: 111:222:333:4444 Message-ID: <a37e51bf-3050-2aab-1234-543a0828d14a@mailer.example.com> Content-Type: text/plain; charset=utf-8 DKIM-Signature: v=1; a=rsa-sha256; d=example.com; s=news; h=Subject:From:To:Message-ID:CFBL-Feedback-ID:CFBL-Address; This is a super awesome newsletter. ------=_Part_240060962_1083385345.1592993161900--]]></artwork></figure>]]></artwork> </section> <sectionanchor="data-privacy-safe-report"><name>Dataanchor="data-privacy-safe-report"> <name>Data Privacy Safe Report</name> <t>Email about the report will be generated:</t><figure><artwork><![CDATA[<artwork><![CDATA[ Return-Path: <sender@mailer.example.com> From: Awesome Newsletter <newsletter@example.com> To: me@example.net Subject: Super awesome deals for you CFBL-Address: fbl@example.com; report=arf CFBL-Feedback-ID: 111:222:333:4444 Message-ID: <a37e51bf-3050-2aab-1234-543a0828d14a@mailer.example.com> Content-Type: text/plain; charset=utf-8 DKIM-Signature: v=1; a=rsa-sha256; d=example.com; s=news; h=Subject:From:To:Message-ID:CFBL-Feedback-ID:CFBL-Address; This is a super awesome newsletter.]]></artwork></figure>]]></artwork> <t>Resulting ARF reportcontainsthat only contains the CFBL-Feedback-ID:</t><figure><artwork><![CDATA[<artwork><![CDATA[ ------=_Part_240060962_1083385345.1592993161900 Content-Type: message/feedback-report Content-Transfer-Encoding: 7bit Feedback-Type: abuse User-Agent: FBL/0.1 Version: 0.1 Original-Mail-From: sender@mailer.example.com Arrival-Date: Tue, 23 Jun 2020 06:31:38 GMT Reported-Domain: example.com Source-IP: 2001:DB8::25 ------=_Part_240060962_1083385345.1592993161900 Content-Type: text/rfc822-headers; charset=UTF-8 Content-Transfer-Encoding: 7bit CFBL-Feedback-ID: 111:222:333:4444 ------=_Part_240060962_1083385345.1592993161900--]]></artwork></figure>]]></artwork> </section> <sectionanchor="hmac-example"><name>Dataanchor="hmac-example"> <name>Data Privacy Safe Report with HMAC</name> <t>Email about the report will be generated:</t><figure><artwork><![CDATA[<artwork><![CDATA[ Return-Path: <sender@mailer.example.com> From: Awesome Newsletter <newsletter@example.com> To: me@example.net Subject: Super awesome deals for you CFBL-Address: fbl@example.com; report=arf CFBL-Feedback-ID: 3789e1ae1938aa2f0dfdfa48b20d8f8bc6c21ac34fc5023d 63f9e64a43dfedc0 Message-ID: <a37e51bf-3050-2aab-1234-543a0828d14a@mailer.example.com> Content-Type: text/plain; charset=utf-8 DKIM-Signature: v=1; a=rsa-sha256; d=example.com; s=news; h=Subject:From:To:Message-ID:CFBL-Feedback-ID:CFBL-Address; This is a super awesome newsletter.]]></artwork></figure>]]></artwork> <t>Resulting ARF reportcontainsthat only contains the CFBL-Feedback-ID:</t><figure><artwork><![CDATA[<artwork><![CDATA[ ------=_Part_240060962_1083385345.1592993161900 Content-Type: message/feedback-report Content-Transfer-Encoding: 7bit Feedback-Type: abuse User-Agent: FBL/0.1 Version: 0.1 Original-Mail-From: sender@mailer.example.com Arrival-Date: Tue, 23 Jun 2020 06:31:38 GMT Reported-Domain: example.com Source-IP: 2001:DB8::25 ------=_Part_240060962_1083385345.1592993161900 Content-Type: text/rfc822-headers; charset=UTF-8 Content-Transfer-Encoding: 7bit CFBL-Feedback-ID: 3789e1ae1938aa2f0dfdfa48b20d8f8bc6c21ac34fc5023d 63f9e64a43dfedc0 ------=_Part_240060962_1083385345.1592993161900--]]></artwork></figure>]]></artwork> </section> </section> </middle> <back> <displayreference target="RFC6376" to="DKIM"/> <displayreference target="RFC5965" to="ARF"/> <displayreference target="RFC2104" to="HMAC"/> <references> <name>References</name> <references> <name>Normative References</name> <reference anchor="XARF" target="https://github.com/abusix/xarf"> <front> <title>XARF - eXtended Abuse Reporting Format</title> <author/> <date month="March" year="2023"/> </front> <refcontent>commit cc1a6e6</refcontent> </reference> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.6449.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.2119.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.8174.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.5234.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.7405.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.5322.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.6376.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.5965.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.6532.xml"/> </references> <references> <name>Informative References</name> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.8058.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.2104.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.6590.xml"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.3864.xml"/> </references> </references> <sectionanchor="acknowledgments"><name>Acknowledgments</name>anchor="acknowledgments" numbered="false"> <name>Acknowledgments</name> <t>Technical and editorial reviews were provided by the colleagues at CleverReach, the colleagues at Certified Senders Alliance andeco.de, Arne Allisat, Tobias Herkula and Levent Ulucaneco.de; <contact fullname="Arne Allisat"/>, <contact fullname="Tobias Herkula"/> and <contact fullname="Levent Ulucan"/> (1&1 Mail &Media)Media); andSven Krohlas<contact fullname="Sven Krohlas"/> (BFK Edv-consulting).</t> </section></middle> <back> <references title='Normative References'> <reference anchor="XARF" > <front> <title>eXtended Abuse Reporting Format</title> <author > <organization>Abusix</organization> </author> <date /> </front> <seriesInfo name="Web" value="https://github.com/abusix/xarf"/> </reference> <reference anchor='RFC6449'> <front> <title>Complaint Feedback Loop Operational Recommendations</title> <author fullname='J. Falk' initials='J.' role='editor' surname='Falk'><organization/></author> <date month='November' year='2011'/> <abstract><t>Complaint Feedback Loops similar to those described herein have existed for more than a decade, resulting in many de facto standards and best practices. This document is an attempt to codify, and thus clarify, the ways that both providers and consumers of these feedback mechanisms intend to use the feedback, describing some already common industry practices.</t><t>This document is the result of cooperative efforts within the Messaging Anti-Abuse Working Group, a trade organization separate from the IETF. The original MAAWG document upon which this document is based was published in April, 2010. This document does not represent the consensus of the IETF; rather it is being published as an Informational RFC to make it widely available to the Internet community and simplify reference to this material from IETF work. This document is not an Internet Standards Track specification; it is published for informational purposes.</t></abstract> </front> <seriesInfo name='RFC' value='6449'/> <seriesInfo name='DOI' value='10.17487/RFC6449'/> </reference> <reference anchor='RFC2119'> <front> <title>Key words for use in RFCs to Indicate Requirement Levels</title> <author fullname='S. Bradner' initials='S.' surname='Bradner'><organization/></author> <date month='March' year='1997'/> <abstract><t>In many standards track documents several words are used to signify the requirements in the specification. These words are often capitalized. This document defines these words as they should be interpreted in IETF documents. This document specifies an Internet Best Current Practices for the Internet Community, and requests discussion and suggestions for improvements.</t></abstract> </front> <seriesInfo name='BCP' value='14'/> <seriesInfo name='RFC' value='2119'/> <seriesInfo name='DOI' value='10.17487/RFC2119'/> </reference> <reference anchor='RFC8174'> <front> <title>Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words</title> <author fullname='B. Leiba' initials='B.' surname='Leiba'><organization/></author> <date month='May' year='2017'/> <abstract><t>RFC 2119 specifies common key words that may be used in protocol specifications. This document aims to reduce the ambiguity by clarifying that only UPPERCASE usage of the key words have the defined special meanings.</t></abstract> </front> <seriesInfo name='BCP' value='14'/> <seriesInfo name='RFC' value='8174'/> <seriesInfo name='DOI' value='10.17487/RFC8174'/> </reference> <reference anchor='RFC5234'> <front> <title>Augmented BNF for Syntax Specifications: ABNF</title> <author fullname='D. Crocker' initials='D.' role='editor' surname='Crocker'><organization/></author> <author fullname='P. Overell' initials='P.' surname='Overell'><organization/></author> <date month='January' year='2008'/> <abstract><t>Internet technical specifications often need to define a formal syntax. Over the years, a modified version of Backus-Naur Form (BNF), called Augmented BNF (ABNF), has been popular among many Internet specifications. The current specification documents ABNF. It balances compactness and simplicity with reasonable representational power. The differences between standard BNF and ABNF involve naming rules, repetition, alternatives, order-independence, and value ranges. This specification also supplies additional rule definitions and encoding for a core lexical analyzer of the type common to several Internet specifications. [STANDARDS-TRACK]</t></abstract> </front> <seriesInfo name='STD' value='68'/> <seriesInfo name='RFC' value='5234'/> <seriesInfo name='DOI' value='10.17487/RFC5234'/> </reference> <reference anchor='RFC7405'> <front> <title>Case-Sensitive String Support in ABNF</title> <author fullname='P. Kyzivat' initials='P.' surname='Kyzivat'><organization/></author> <date month='December' year='2014'/> <abstract><t>This document extends the base definition of ABNF (Augmented Backus-Naur Form) to include a way to specify US-ASCII string literals that are matched in a case-sensitive manner.</t></abstract> </front> <seriesInfo name='RFC' value='7405'/> <seriesInfo name='DOI' value='10.17487/RFC7405'/> </reference> <reference anchor='RFC5322'> <front> <title>Internet Message Format</title> <author fullname='P. Resnick' initials='P.' role='editor' surname='Resnick'><organization/></author> <date month='October' year='2008'/> <abstract><t>This document specifies the Internet Message Format (IMF), a syntax for text messages that are sent between computer users, within the framework of "electronic mail" messages. This specification is a revision of Request For Comments (RFC) 2822, which itself superseded Request For Comments (RFC) 822, "Standard for the Format of ARPA Internet Text Messages", updating it to reflect current practice and incorporating incremental changes that were specified in other RFCs. [STANDARDS-TRACK]</t></abstract> </front> <seriesInfo name='RFC' value='5322'/> <seriesInfo name='DOI' value='10.17487/RFC5322'/> </reference> <reference anchor='DKIM'> <front> <title>DomainKeys Identified Mail (DKIM) Signatures</title> <author fullname='D. Crocker' initials='D.' role='editor' surname='Crocker'><organization/></author> <author fullname='T. Hansen' initials='T.' role='editor' surname='Hansen'><organization/></author> <author fullname='M. Kucherawy' initials='M.' role='editor' surname='Kucherawy'><organization/></author> <date month='September' year='2011'/> <abstract><t>DomainKeys Identified Mail (DKIM) permits a person, role, or organization that owns the signing domain to claim some responsibility for a message by associating the domain with the message. This can be an author's organization, an operational relay, or one of their agents. DKIM separates the question of the identity of the Signer of the message from the purported author of the message. Assertion of responsibility is validated through a cryptographic signature and by querying the Signer's domain directly to retrieve the appropriate public key. Message transit from author to recipient is through relays that typically make no substantive change to the message content and thus preserve the DKIM signature.</t><t>This memo obsoletes RFC 4871 and RFC 5672. [STANDARDS-TRACK]</t></abstract> </front> <seriesInfo name='STD' value='76'/> <seriesInfo name='RFC' value='6376'/> <seriesInfo name='DOI' value='10.17487/RFC6376'/> </reference> <reference anchor='ARF'> <front> <title>An Extensible Format for Email Feedback Reports</title> <author fullname='Y. Shafranovich' initials='Y.' surname='Shafranovich'><organization/></author> <author fullname='J. Levine' initials='J.' surname='Levine'><organization/></author> <author fullname='M. Kucherawy' initials='M.' surname='Kucherawy'><organization/></author> <date month='August' year='2010'/> <abstract><t>This document defines an extensible format and MIME type that may be used by mail operators to report feedback about received email to other parties. This format is intended as a machine-readable replacement for various existing report formats currently used in Internet email. [STANDARDS-TRACK]</t></abstract> </front> <seriesInfo name='RFC' value='5965'/> <seriesInfo name='DOI' value='10.17487/RFC5965'/> </reference> <reference anchor='MAIL'> <front> <title>Internet Message Format</title> <author fullname='P. Resnick' initials='P.' role='editor' surname='Resnick'><organization/></author> <date month='October' year='2008'/> <abstract><t>This document specifies the Internet Message Format (IMF), a syntax for text messages that are sent between computer users, within the framework of "electronic mail" messages. This specification is a revision of Request For Comments (RFC) 2822, which itself superseded Request For Comments (RFC) 822, "Standard for the Format of ARPA Internet Text Messages", updating it to reflect current practice and incorporating incremental changes that were specified in other RFCs. [STANDARDS-TRACK]</t></abstract> </front> <seriesInfo name='RFC' value='5322'/> <seriesInfo name='DOI' value='10.17487/RFC5322'/> </reference> <reference anchor='RFC6532'> <front> <title>Internationalized Email Headers</title> <author fullname='A. Yang' initials='A.' surname='Yang'><organization/></author> <author fullname='S. Steele' initials='S.' surname='Steele'><organization/></author> <author fullname='N. Freed' initials='N.' surname='Freed'><organization/></author> <date month='February' year='2012'/> <abstract><t>Internet mail was originally limited to 7-bit ASCII. MIME added support for the use of 8-bit character sets in body parts, and also defined an encoded-word construct so other character sets could be used in certain header field values. However, full internationalization of electronic mail requires additional enhancements to allow the use of Unicode, including characters outside the ASCII repertoire, in mail addresses as well as direct use of Unicode in header fields like "From:", "To:", and "Subject:", without requiring the use of complex encoded-word constructs. This document specifies an enhancement to the Internet Message Format and to MIME that allows use of Unicode in mail addresses and most header field content.</t><t>This specification updates Section 6.4 of RFC 2045 to eliminate the restriction prohibiting the use of non-identity content-transfer- encodings on subtypes of "message/". [STANDARDS-TRACK]</t></abstract> </front> <seriesInfo name='RFC' value='6532'/> <seriesInfo name='DOI' value='10.17487/RFC6532'/> </reference> </references> <references title='Informative References'> <reference anchor='RFC8058'> <front> <title>Signaling One-Click Functionality for List Email Headers</title> <author fullname='J. Levine' initials='J.' surname='Levine'><organization/></author> <author fullname='T. Herkula' initials='T.' surname='Herkula'><organization/></author> <date month='January' year='2017'/> <abstract><t>This document describes a method for signaling a one-click function for the List-Unsubscribe email header field. The need for this arises out of the actuality that mail software sometimes fetches URLs in mail header fields, and thereby accidentally triggers unsubscriptions in the case of the List-Unsubscribe header field.</t></abstract> </front> <seriesInfo name='RFC' value='8058'/> <seriesInfo name='DOI' value='10.17487/RFC8058'/> </reference> <reference anchor='HMAC'> <front> <title>HMAC: Keyed-Hashing for Message Authentication</title> <author fullname='H. Krawczyk' initials='H.' surname='Krawczyk'><organization/></author> <author fullname='M. Bellare' initials='M.' surname='Bellare'><organization/></author> <author fullname='R. Canetti' initials='R.' surname='Canetti'><organization/></author> <date month='February' year='1997'/> <abstract><t>This document describes HMAC, a mechanism for message authentication using cryptographic hash functions. HMAC can be used with any iterative cryptographic hash function, e.g., MD5, SHA-1, in combination with a secret shared key. The cryptographic strength of HMAC depends on the properties of the underlying hash function. This memo provides information for the Internet community. This memo does not specify an Internet standard of any kind</t></abstract> </front> <seriesInfo name='RFC' value='2104'/> <seriesInfo name='DOI' value='10.17487/RFC2104'/> </reference> <reference anchor='RFC6590'> <front> <title>Redaction of Potentially Sensitive Data from Mail Abuse Reports</title> <author fullname='J. Falk' initials='J.' role='editor' surname='Falk'><organization/></author> <author fullname='M. Kucherawy' initials='M.' role='editor' surname='Kucherawy'><organization/></author> <date month='April' year='2012'/> <abstract><t>Email messages often contain information that might be considered private or sensitive, per either regulation or social norms. When such a message becomes the subject of a report intended to be shared with other entities, the report generator may wish to redact or elide the sensitive portions of the message. This memo suggests one method for doing so effectively. [STANDARDS-TRACK]</t></abstract> </front> <seriesInfo name='RFC' value='6590'/> <seriesInfo name='DOI' value='10.17487/RFC6590'/> </reference> <reference anchor='RFC3864'> <front> <title>Registration Procedures for Message Header Fields</title> <author fullname='G. Klyne' initials='G.' surname='Klyne'><organization/></author> <author fullname='M. Nottingham' initials='M.' surname='Nottingham'><organization/></author> <author fullname='J. Mogul' initials='J.' surname='Mogul'><organization/></author> <date month='September' year='2004'/> <abstract><t>This specification defines registration procedures for the message header fields used by Internet mail, HTTP, Netnews and other applications. This document specifies an Internet Best Current Practices for the Internet Community, and requests discussion and suggestions for improvements.</t></abstract> </front> <seriesInfo name='BCP' value='90'/> <seriesInfo name='RFC' value='3864'/> <seriesInfo name='DOI' value='10.17487/RFC3864'/> </reference> </references></back><!-- ##markdown-source: H4sIAKvKV2QAA+1deXMbx7H/fz/FPLpeIuYBIAAeIqEwNsTDYixKDClFSblS rsHuAFhzsYvs7BJCVMxnTx8zsydIKZYT50Wuik0Ac/Z0//qY7km32/WyMIvU SGydJItlJMM4E+dKBRPp34qXSbIU4yBIldbihZKBSrc8OZmk6g47nD9/2fg1 SPxYLmC8IJXTrDtRsfJvVdefTqKu5LbdObXtDnY9X2ZqlqTrkVDvl57OUiUX IxHGgVoq+FeceV64TEciS3OdDfv9o/7Qk9BoJGSaeaskvZ2lSb4ciVcqw0/i HfwrjGfiW/zau1Vr+DYYiYs4U2mssu4prsqDmWQc/CCjJIaVrpX29AIG/OGv eZIpPRJx4i3Dkfg+S/yO0EkK65pq+Gu9wD/+4nkyz+ZJOvIErBXa/74nnvNG 4Rve/u9l3L2ah1G4XJZ+S9KZjMO/ySxM4pE4idSdSq+V9Ofi28XkhfiVOEl6 4rtvoSXSQmUjcePP5fTHHPvHKzUTQ/jNDzOg2LXUmQpwVD8JYMbhweCwT5/y OEOSfqvShYzX8NVyThv9v70jsbfXH4qjp7tH/e7gAH5SCxlGI/HjcvKNT8tJ cTk9P1l4XpzAAFl4p3Cjfxpfn+N/hTAMo/6U4RkFYjzJtRLXagmEQtqfUzdq WtAJ/4Hdj6h1+J6+CeD0R2IqI63os1ZpqHQYTxPb452ajMQ8y5Z6tLMzC7N5 PsGl7UgaZOe9TKfAIdDBLdTrdrtCToB80oeDfjMPtQCezBfATCJQ2k/DidJC ioWCpQUim8tMyChKVvjlJbCnnCnxOg1nYSyzJBVZIvRS+eF0Db/7TkamVkYi lJEnIArbwvC3kDw+D8XMLqahioKeN4500hEhLmUaxrCQbK5EmkfwF2xCLNPE h35IRWBQ/Gol0wA/6hyYpLSAHmxNiUUCuyZuou4Z7lamoYbhkjwTyZTGB3Ko 2Ff4UQpifRz0b3B0OAmcUQLUg08rucbtwiLuwkCJS+CMSfJeXPHnVIsVnAD0 cRvFOTcSpeed5MBNcRatO2ZMu68Ftob/FRsrxgyJeDLOZURts3AB8JHEOl9g c0Mhmrp5Wpq6NBbe85haCoQpDvXCnGgIew5jpprjEfh7omimfBKFeo5UwmER oYA/sU0HqTSTOUwdIrAojaTu0NwzCRRPC0pM02QhQiCQwp7KrBDwLUrWuDLx pj477DDIfYWsCSA2m9MRXhSQKK7PTwRDpYdjrWB5cZIBISc/Kj/DtVGPszfn v4bZlkh6oKUhXI8lZBEGQaQ87yuERpqQmIio53iKpWehFglsHoWd2XWTEKQK foFdBNRZO2kjIn/4H1j2wd7e0f19wUabOA9nAcjE403Xwsk3LHCyph/b5bTl 3PHYU5ZAPU/yKIDDBcRZADDLlBeC48HBAHclUTJbEw2A33y1zDSzByCEPaBn 1BRZBOYl/qUxfLkMMyBypDI6YwDEgrWIgKC1qgSpDAunMq4TrESxDsMEzIm4 5sS9jgm184jhk0a6wJYDUABGqqI1UlGKeb7AMwD0i9cN0onV3B2HfkjGkcCg ZkUOvJkuDU0AaMrLR65mnPVJdg2Hblo3IcAyDe/CSM0UixV1bwISUhV5f5mq JfwdEForRE47InwB+8Pdw5RrOKgY2wNL6CSWE6SFikLQezQUzBcC3gBL9rwX yQrVYcdiUYX6DGIxsCBJLYyKRP5rHmaqDlghYXDKE8RqVd2sFoDW2CxfdkA/ mtZt/L2ScUakA6CkcS6uLGYqsE1Ov7u4hFNGZNU4ECLdjDYdpiVKmx4974IQ N8TddArAtegaMqSsVBQBl4UZq4qdBIFN6nASKWbABbATMEsb4L7APa8UDrlM tDIn2IbYsB9ZUZMkU6i/GAf4WB3z8kEoI71kPDmD1S6gxDSrMIqQwE3mwVND yyXMHNvghG4ws1jHr4XSaKEnQaVGoIcmPnMJUIhwU9OHaUHmBi8BoxXd7CGs LF5JOAtUKjK4AyZA+rGyb1HRCCTEHW3mR0ekrJ2AMDAvtTt9dUPAncKvqEn8 ORxWjFvGgwZyB7BSoF8OqhDWkq0U/LrIoywEldZ6nvbwUgXykBJvg2GHxJAB SARvHFkd1eEdiA/sueedE7EkKsoOSgFDDkJTjtaMm1Gv4ewXwPB08PyJTlKr jOG2wklAzhDEJlnFG9alGwvTzG23ioCR5cjyAMgSEKznvUqc9MBxIg1BmG9z wi4eH7jEWF8NaNWk4hKRTNAGqkGhYyhCViM8Qcl0CZFxlxJFECZgUyUBy4T0 KAxHQ4US7T2n3kAjM6JKfy0iCaau6s164tvTq2vc/snJ1bjXUEDf/+XJV9ix azpuI07UhQMItUZtSTuBVWgiCHbr1Oyqsu1t1H2yCM2ZVXqC7lExySPurU0k SWaSGLiTpJZ+kjVL23uF8A29wbbWrECL7RXkBPhPVmIJfh8wIuHLEm2BDJcJ niSdIkhtN4y7MESX7SbQmhnOaeWBBifsRU5DSTVYApIVLkNS8GNYJgCdj6yP /DoDpxAPDWV5BktKyX+y+noL7cYtWIMZFp1KGrEYBNUkLcNa1QbBiAXdWA8p 2hJ4KY1m0a2yuMHoCL+C3CEzAFjkiwmK8RSnR/uuY+wPMIaihFdBP5L/SWIV KGyKtiT85khRaC2Dmo74Yi7TBZ8twpSuGU3EzkVjmgfOCnAqh/Esy2rl5yk4 yKSCUd7YGt0GjgCdB0oZPP11nTnnkk3baYKeIG2FjGlwKTX4lL8RY/y+Fe5Q dYQz5F02cZqyDLgG2NIGjG3qgI3jKLLWF2K6m7+hwwoYaZvYzhiAKETJ0ogT gBjiYdvkzkn4jXiOfmOkymZ52xS4/U1WABmRQUKmxFyijVW39GDGSPoKprty c1TASssp4NzSmbwPWKLeV1+JGx+gkIEXjvfMeWwEphiv6tp4VUVLWHGlFhZs uhen1VY4M/rWVWewJ7wrmWYhcDfT0Jr9RRNBrIgsgAISOFjbvCAYpo3XSHMA FSaoFR8fxVo1Gy0ac7CBO02ct01dgX62YySxQTaEBu1oXd4tW8MUWWLbjYIQ FApCEyTUzqcOtc4RTdtiPD8uQejVTjr126KHO8LgaHMm9HwFdsE4A9l+4Mdn 4gl+9U2osmkPEHfbaNhZAjLQsomQbe1Yr1Rag4a/5uDwk4c7kbiVBIFSRt1V kkbWtccxEDm64kIb+9+FCuQiQXu0aeK3xi6+xjE2WBJAEs0rJ5MANpsBtKHF i0YtUIb80I0+c2XsluV80uht6z5NTIQL/DMXgmrwLG77YckLTYxCla0uC/TM RDTfO0LgliZWSez4c+XfaudUwCbgxDG8gCyZtVN5oqCBajN+0OSHg/58U7cc whRdnfa5QaUq0FDB1ybOWWJfOqWJElYJwhygrRHbp3lkvczNyBFqd7gSvGIZ tHlQdHDYIsMmwNjZKtnoERhDNwaHiNqtlUy1Z4AXMHWJGArcUqwyItOfscOs sRa2Uw24U++N39uAPFT/rVJeIkuxmvK4FJG7U+bM7mSUk17ExstkmUcy7TTW oskuhuYZ2FRxBZjgxL1pnpIfBr6Vn2ttvcBU3YWavCHUZS9A4dMVSxBOp6hN KZT4OlbdkygEIXkb63zCthF5T7MkCUxgw9i7rW3Fhw9fX5+fHPb3D+/vjelC FmSEcbK1MVZAzuchWHe4DVLdGq1p4GuLYtr4GgtrslQMqlL4pOmTGQeJkeEl zFZZXtVhXaE7KpZ5SjEEBuVylBCWTjGevDQC0UkS6LNfaWxipEzbekLNvoTl ePamkHHRwUoTGfjI3WA33qrMqhMycMv6BUiGdg7a6hitjFgrCbCspuDZ45GK U4z5E0BoFzfD+yktti7f3rzZ6vB/xavX9Pf12R/eXlyfneLfNy/GL1+6P2yL mxev3748Lf4qep68vrw8e3XKneFbUfvqcvznLQ6SbL2+enPx+tX45ZazXDxn F6MBznxP5w4wnrHurniKz0+uxGDPhPyGgwGG/PjD4eDpHgZ8waHrFE4bf6R4 nFwuAQjIwwDAMmFUICVMoedopaLqNKrakotvHrdaQ/d83YEXlGERJ93aYDNu 0ZIIKnEahlqj12DOmzW4te/NVpes8RGRxs9fnZv97Q9399xmn+719+/v6aSv mcXJCiBhvjZQ7fDxw1cWvbvG5bo3MSTFofjCX2ZzqxjQOhp2AOuzsdDbwA81 MgqKRWJz4LzduMC7oQm6DwwF0riVRgonioeOwIfFKGmOIqJURuAFlniWhn7m GevCeLEGtQ3tdodDINc5SasxwKvtHjDY0Z7Cy5DQl5Fz5qgvSdAEAxOZP7cq DFA7DDyYF8OkxxiY3n16YOEvA/XcExextXW0oSSFVLeC4y1UTuB/ZyXHvrkF XhhhpVuZDci68KCZjReJ1GoebiMGU+eTbnAbLrpuLGvIFvapCaPR+LrYFFij f//7371rBb3i7pXM5iPxW/QPVPoNGdBpz/RE8/t3Hu5qJMYrpZOFEq/USvPt hvht7P7+ptLjTTKyTFn8Ara2d8NXUyNxky+RiGbMAKxmvslbJ7lXPu2RQFu9 NPgzw3zHeONrmBjMRNiB3H2q9geTaXe3v9/vDqWcdAcgld39vV3ZPxweBoM9 2bq/kyTGUEL3zXqpRiIDw2SHQOIZxvxSrbLjPJt2Dz1kg+6NJfdI3B0Pngl5 nGrZ1XM53D94JoLjylL1MVLombnDFvNju38iKVCptIG64Tsqk+GZMezoRkRX aFecQY+OlYTuWkXyvQqaUvegpQc+9TxEz8VEsKbtHN7ZwPiPyp14UO68nyp4 Zn4TYChk78mZkYPBNupqvB8CuHLfDrdNz59bON0yfhYBbOv4ueWwOcd/kjh6 VgorMzwgkqbDZ5NMx3H/eQj85eR/MiZDYzBZMUS4tslyTXxuQbWy0/cJplHH 5NLYOMSjCOyAGzopc2fKGK4/ZV7OBOB7SnIh0RL5yMlpuo+yEyszCpvdlaM/ TkqjGFjFfCtA+5nAujrNW5pNms62qlmllU4VQnADIP0sVYqi3ibZxMhi+71y z3sO6/oFW4VaSt2tSuwvAZRalvUTUenng6PWtepjvrf+LBbiv9U8NUN8PCKO Y3FGcZEbld6FvircTYw0YX7QkrJ5iJML19bgIF7LWg92TPcJGvNz6O4xzDDN LtFFdgrndcjlMlobMSagKOStECrwc+/A+PRAuNjZRdFo70RC+vyMLq9NXgw1 3LAtao69OUqGOyjMTpVSaLljY+S1XQsbDQKh96M8UBz5sOTn8MVW/YgoMILz zI9FJmc9o6/ozn3zOu0NKFOQYv1EPT6R9vVx6B4vYcKYUw/d5WJ5nT8JijaB yhcY+le4px8JLz8/yn2azUW2gFt0S6ytpi3vvXeYcsK3VFnnE6+ntDOhjJi6 64mtOfiwIIMuERulfcEpT9CKzaOq4WLvKQpbCK+MQrKrWlzrmtUTm7ywuovv A7ylxWWdXVenPfLnYsx8fewCf4Z4fD1xaTOyKsTiMhBxTnTxxg6tESRsmtCi tWeFojYlxTVtpzcmQZuANMf7kdDW5jKLdtkmQidsDVLmmL1S4jQX7mE3yhts nHl5b8BTdClt48ndMLBlLbTGe4K8lmjr5fjPDs3lo9eehOMObU1K/51MwyTX xV0PJXMx9lbzK0rlBEWm3K8x7Rhz2/BSblYkiRXCWM+kuqCYb+kGgenYZDS3 L0Aouo+j3CZcRmai2hiJB96PM5c8JNH7+frF5fjkmG4P+hhQ5+wGicHwFMzh W7XuYKVNBrNxIiVBYRdREVPhoXGvFGbHvlyO4jwuzgO3P1ZZo0iDeDTuTIxn dCK4DePrc1z0/tHBPizaZF0Zdddy9shr9rbl5Z/JwKd8ABgKq2vcEJ3GDQta /Fjs0uUG27zbxp0wMKW96TAtmQ8bDZ9Q6H7SkvdtszU+lTTbTBsThXs87tce dHOO4EafzCBpfUcFbFrbKcDcA5d5VHKogsdX19l0V1Igo03SJeulZTWtZHeu dpN5YPAaF/S8zakZhnU02rhPHuSUbb53C/naRvnzGIOjmOZYNpVb1UBGyVtY r9Sag1neTI19KQywCnW74/sQGRwAI/0yCp1cXlyeUXpAyV9v0I602g1ZHmAX 2zs016GyPp7faqMa9MHgl+OLl8eO++wg9ds2Oh5nMTSwsMUs3zBQLQBTxG6i tZXGTyFE8tF0sEBVP3dUUZSaS4wWSL8FkDiJ4GD/qI/VKXh3a3MaqpraVA1M koA2Q/C0tgVAa8r1A06d5RHf1mJusrlAxKVaFP9QZun7kllRro8INekzmKXQ 560nj3fO6DgZWx2H3rKU/n4jwIFctRWxMvjZQiOapLi0oOtX/IhGiovk1bQP WXNbz7bMcXBiHe6kWhJB8STMMgdD51ZVU9KM5/RxN2hUNMmmsriwhWlc70V2 XYO0G+g9T4jmnE3ImTpkq65K2dWlw2gmIdJh1Gyh9juq2Fg31hJ60CbRbXNN lEVs5SoeGQh74gztwZYd0pV2oHzMNTEgudAqulOY2ErVTMSzyDlULUDpA4WR 0czZ2mwZECl4FDeoy7CtZK5XooKI9+VUA4oLFh+NmVAXcDzPtnIvV2HkA1+h O091Gybb2+QTxAFWqaiKprUFiNjfBESM39BAfptr0KBAR3iUD4LYA6otXT+W AFBUx5Zlqp7X+mjm+wYExOMgK8HulfysCu3raG739GikdpsW7z125A+Hf+t2 3na1aKIt/e2rqgPD2S2Fp2PJ/GEzzN3X4jiUCINBN6w1YMBH3/ndDfz7+uU5 Z5DAOF3M22P8a6hXUKMVDNKtAfamEV7WJKbWEAak9BvANiEn8dQzOuh4R5S3 5HnlT+K4GlQbbdEOinXb6IX953uAam7ClO9ycepfaMueV/kSBv9fbfXMlngC H0jZ7ODXpHe2bdCi4Qp+DK3f3VyVSU3u0CYybyRLyYU1pCl948hTDs2Y/U/h Z970lBoOfvOEl7Ajtka4SWxlNvhuHmZKL6VPSXxgZydp4VRgd8yr5KRKF0wx jYix0dfVajGJbNZ7wtARFYIdBj1B2QSUSupzYiZ1LqXcVxNGN7tpWHcQYekx QGDG220sFm+I0kmYpVikTHUMBj2pXhn/hNWqbqTiGTBpFGJVEcnhjc0NPqmU qIDobSheqaeGcdqo0oURX0uGtvWPqDSLNkmUm8qdxBbYPQCO9SgA8OiY6o20 rQFofSfEexma0jlzGUjxZjNm5yOmNUn9VJtMVVZ3iuqdppRwGYU+BT8KU6BS OfjI4MoNP4WvA1tUBIy56BUhxri4wQRNAqRbFBar+6WyL/axWA36JihFsbZK TiyR0Noe4iYHeClqQ2Mx5tIp7/oBEwLLdcyLELJ2FcIxNmlzpms/csZeHtPz HpTAHE5LNfiwHlO5JXRpXT5wFTJ1grXN/i1YS3iDY6g9EhiBxdJqTW8D0D3A Xcg4XhRMTtMQf+7huyDUw6Xi2u6YWWs8aWtTYP4nHYr3Kll1iiLqkFczxYTc h5beaaEBvoZgGtr0eKpcK13i1IhGzfBMJ0UxlK1hp70RE2jhmXI804Qr0I0/ ZBm1I/gFByouY/lpofgGSJq7ylygSFuKPdmqbE3ggw/LNETLxdXGUda0wmLb Evkas4MwtVa42XsqDqV0xSLRGUYQaB6VIfx18X6JS2ZQytiEoVd7VqCx5vjU iTZsbuatCW7rpvDKCvcE8py49RLlZq6UxH5tPE2UUdwqgUQLgU0xB39jHiQp loQSehaDuJp6OAt4O2QbJnTR6JLVuSoNrOkClbiOlRZuTGB+0wYXq5dJMsXn csCvdSFd2NdtjBdmjwMXq/hMLZZk585ywp1S7GKnEU029GAg5sw4QHP7Lkbr skszLOAoy4n1O4ZoKI3u1Rb3hIcJMIfaVfWVEDXSyWZYxVP0+amYen1gxTS0 R+zKGupHUa5s2OxrPSwqrKHKlaWuDr9ThL0fjNvjPfKUksg75BdzOLybJV0O h7fEwFtC4KxxShHwlgB4Kf5dKloXqsTBRocWV+PM5KdYZHlliiw/VOq8723l ORejEOvyQyNVpzwDX3hahFmpQKNWvUnGSK8W1gD+36HgjvHZbCh6UwxyAyQi s4KUY/p5fdpIruC4WBWG2eYS9V79fShbA1O+M1pwbVJR6Wh5l9/xKYram3Wr psx9gzPcXnHfcOw23NGhsjf185jslIGryFE2IyQNb5lWQeUXlVi4vW8b6+L9 nrYQ38ZFkGxzmJBDFUgG6G6rJHu1Qny6fWuMREJpjV6TvUH8BQZ8xk9WIJRU 8SDU5i7GFWTx4wfKvFTl4Kb5/oELKZnX0loe4Gl3s8nQMz8+dAG43TExd6IP yGgSz4D2rZdopfAzDE/WDqNHG9T0PMvLsoQkttoD0wbR98nc7VvnQZShfvTC RvWyrfpQSB1set6NUkSD+UL6XaPEt7lC29mHxuCd8GUe/vZHDKmgl4JUPMPT oaLQP+SkJO1zUzZ46Lv3TyZUmoX3EYpfamIT9648nHLDsZlR8zs4rUe9n4cT etzBPKlSPCfQBlwl27PJsnO+vCysUHcllBSPO7RY8FzG3izeMUhlzM0gsS7r wkxsX5ZYg/l2l6Qss60rA4PCraC2xtbVtN1KbJB4HJrKIfUD0GwYGw/T9Dcv IPCjVXi/VoLnsFRHXbz8Vrm4qJDAxcmtl9QOJhs1fA8NiMIrril73yn7adk8 xeQnByeABbmBIH7pJNf8NFHZImYF89aU6aNomkdRNuHow3bzpnpxE592MLlR 3RREZigtHlWjmMTF+NW4Fo9oxAaJ7tTQPHOj8AVKDvKbN5n4UaGqNYTpOqxM dg8P9lCZkD1PV3ZX1syAM7cLrYQpX8kF3mSZVyrWo1Ic60VZxfGrm5XVCrDN l6AOfFIPmISQ+Ek0Im7yvBs4wVyPCkNHwpfs9+2ccBExAm2KsfC09T1P8duW VzN/ByNzlbJ5zckaF6NqNODhuN8vn8jlFf/yySxMDYYmp5Of6fIpxdHG9iv2 EkL7BB/20bBMUBAq4IAaWYOZnGn2hKmJyQM174+QheJxjiUXT5ZuJ2zUwWJz 8K8pCFko912sss9djNeIDovBYDAaDoej3d3d0R7880svE/n31Otdlx0iQ1DD D1365/gHLBr5YbjX7x/0jw6GPwz6h7u7h/u7e/u9wf7R8Ohod3AwOOr3a5Qx CnzHWaY8dtEqlbGegp16FvsJRkBG4inYRJ574sWMQ1YXKDBoOZ6RZMFOd/q9 gfdHcKLoAWP8YPRR1EWt1mUO3cjC3jhFCyvqntLTv29yUK3DXfH7PBbD/rAv +gej3cFo91B8e/nG48t/FXRPKfVnJMoD3SR56sOJXAG/HQ17/d4Q1vITKUc8 lU79w+GwYKq3b86BqR4l3hcZ/u+S4U/ktG7XKfxK6OUG4wTM6F+0xheO+6e0 hg1u6SK80yTvF83yT2iWYb8/GJ0+PxyNhvufUbmYQJH+ZCXzEVLz+XGJY2kY NxIfKvGe+/9yxNp9enikBlINjnYPpRxO+8E0mMq9w8mwHxxODyf+gT8cSH93 b+rv94e7gUWKg93pkTrYk3u7wVQFfv8L0n1OpPsCdP8vge6zCds/C5Bi7ONN baSCGT/r9MYm03P4OQizJA3pQdW7EJhZrDBfwWUimgsuSq2UeHeLz+aV/g9g OAGy/rtKM37v7obYQeM7sPy2M83pJ70Ay1bHaazoJy2zjniTTEKJpVjpbR5J avmS7/7fRjmGGp8MfjWgIKT4lbiEhUu+1riBNuK7NJlH0PvJ8/PvxFlwxy/Z kyBum//vCDwT7x/gsTX/OmgAAA== --></rfc>