IETF Logo Mail Archive

Re: [dmarc-ietf] making mail not work for your users, was the endless mailing list silliness

John Sweet <sweet@secondlook.com> Sat, 20 April 2013 19:54 UTC

Return-Path: <sweet@secondlook.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DCB3F21F85CB for <dmarc@ietfa.amsl.com>; Sat, 20 Apr 2013 12:54:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.976
X-Spam-Level:
X-Spam-Status: No, score=-2.976 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UBtB0rQRYqPu for <dmarc@ietfa.amsl.com>; Sat, 20 Apr 2013 12:54:18 -0700 (PDT)
Received: from mail-vc0-f177.google.com (mail-vc0-f177.google.com [209.85.220.177]) by ietfa.amsl.com (Postfix) with ESMTP id 035DB21F85C9 for <dmarc@ietf.org>; Sat, 20 Apr 2013 12:54:17 -0700 (PDT)
Received: by mail-vc0-f177.google.com with SMTP id hr11so4991369vcb.36 for <dmarc@ietf.org>; Sat, 20 Apr 2013 12:54:14 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=secondlook.com; s=google120824; h=x-received:mime-version:x-originating-ip:in-reply-to:references :from:date:message-id:subject:to:content-type; bh=hbmWGNXVoma6jhqrueXWWLbO0afrD4UaQP2QErtwg+g=; b=bw0j9D0Oc+9nTTx18GHAdbTbycjI42V3eeB0meV/a9zsaO8sORX0E7+j0PRHBFDzi2 76h2uOyvMnvusc5ZIzyh7gkir9luKUtXIyRntBQm4xtj10aLXL82NCUnnCtDEL6NXn2P KFjtIrlLCanfS6MDCh2d3676q+VrgO3i+bX38=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=x-received:mime-version:x-originating-ip:in-reply-to:references :from:date:message-id:subject:to:content-type:x-gm-message-state; bh=hbmWGNXVoma6jhqrueXWWLbO0afrD4UaQP2QErtwg+g=; b=JanZfJJfyVNpBRW4jQ+u5Xs6M+jA3ygYyTP7fGiK8ZQytxIgbJdHWaU/hLXaWv59be rjAIHJEz1ad3M+0wok4fTV5pBlGlzPUEHcl5zwlWzRUXMRXgZgJCmamXWZ3OCnGe5tmY BvU0LKTbhfNjfTsvzd1mwL1qUdGBZGhyyDYB70AoAAI6MEXOuuB285+3NrASiiM9L3e2 +FiGkkb6kCne57tCbNoV4PgzXqhkT9IIiNh94vrAEjUflKBWR6OUJ0Hz933g4Hu7CM82 sv016kmvzrUzwGCdb+yG4sEGcqzF58o9ceH/IdWYnT6XTFvu6fhrhbMfJypBivU9G57A 5dSQ==
X-Received: by 10.52.164.166 with SMTP id yr6mr12909712vdb.37.1366487654127; Sat, 20 Apr 2013 12:54:14 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.220.250.6 with HTTP; Sat, 20 Apr 2013 12:53:54 -0700 (PDT)
X-Originating-IP: [50.0.158.23]
In-Reply-To: <8952faf08749497a831465e00de4785d@BL2SR01MB605.namsdf01.sdf.exchangelabs.com>
References: <20130417103918.3587.qmail@joyce.lan> <7BF5EC3D91FA4D6DA7902A1387BCFB60@fgsr.local> <CAAjc_p5Vcjhdzj5Vw1WY8nG07NTcydf9nWjqhs8iX_UHq1COhw@mail.gmail.com> <8952faf08749497a831465e00de4785d@BL2SR01MB605.namsdf01.sdf.exchangelabs.com>
From: John Sweet <sweet@secondlook.com>
Date: Sat, 20 Apr 2013 12:53:54 -0700
Message-ID: <CAAjc_p6bfarW=X9gWWK++cfuMNN_-m_T_mBcPv5k9QA4p4X2QQ@mail.gmail.com>
To: "dmarc@ietf.org" <dmarc@ietf.org>
Content-Type: multipart/alternative; boundary="001a11c187e0371a4404dad03389"
X-Gm-Message-State: ALoCoQnXd75XgSIukTddtzrkOac+cbkkrSOTT5v9WBzZTwL00CHZ2jNavjHe9OXbG9MuU8oN+n+T
Subject: Re: [dmarc-ietf] making mail not work for your users, was the endless mailing list silliness
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dmarc>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 20 Apr 2013 19:54:20 -0000

On Wed, Apr 17, 2013 at 5:12 PM, Terry Zink <tzink@exchange.microsoft.com>wrote:

> >>>
> Likewise, when I see your posts here on dmarc-ietf, I really don't care if
> it's you or someone pretending to be you. Some applications of email just
> aren't desperately in need of authentication.
> <<<
>
> So, are we basically on a discussion list that is in charge of moving
> forward the DMARC standard, but the discussion list itself can't
> authenticate with DMARC?
>

I have no problem with mailing lists representing posts as being from the
list, not from the original posters. I didn't subscribe to the individual
posters, I subscribed to the list. I do expect the list to authenticate
posters (especially since only certain addresses are allowed to post). I
don't expect the list to transport their authentication info through to me
to verify for myself.

Once I can tell the message is verifiably from dmarc@ietf.org, I'm done
caring. I don't consider the mailing list convention of preserving the
From: of the original poster to be a useful or necessary feature. Digests
don't do it: they're always from the list.

If this means you can't post to some mailing lists from an address
protected by a DMARC reject policy, or that some mailing lists only send
digests, or always rewrite the From:, or even only rewrite the From: when
they can see the poster has a reject policy in effect, I'm fine with that.

If a list materially misrepresents the contents of a post, or identity of a
poster (same thing really), it will rapidly lose all its posters and
subscribers and cease to exist. This isn't a current scam profile, and I
can't see it ever becoming one.  This isn't a problem that needs solving,
let alone by DMARC.

J

v2.23.0 | Report a Bug | By Email