IETF Logo Mail Archive

[dmarc-ietf] are mailing lists worth saving?

Michael Thomas <mike@mtcc.com> Wed, 09 December 2020 23:05 UTC

Return-Path: <mike@fresheez.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 08D043A17E8 for <dmarc@ietfa.amsl.com>; Wed, 9 Dec 2020 15:05:57 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.75
X-Spam-Level:
X-Spam-Status: No, score=-1.75 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.249, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=mtcc.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id eOeuVFWIrOMU for <dmarc@ietfa.amsl.com>; Wed, 9 Dec 2020 15:05:56 -0800 (PST)
Received: from mail-pg1-x530.google.com (mail-pg1-x530.google.com [IPv6:2607:f8b0:4864:20::530]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 146363A17E9 for <dmarc@ietf.org>; Wed, 9 Dec 2020 15:05:56 -0800 (PST)
Received: by mail-pg1-x530.google.com with SMTP id n7so2360870pgg.2 for <dmarc@ietf.org>; Wed, 09 Dec 2020 15:05:55 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mtcc.com; s=fluffulence; h=to:from:subject:message-id:date:user-agent:mime-version :content-transfer-encoding:content-language; bh=qykRQ91ZXp4/vTuZwzyy2j6zpFsDjVtIRgdXSWd6sM0=; b=QndP671WjhcGgfi5nWHOFDnIuiyl7/zIwDAJ8t9EYa6rvFbdklVQ3x7qxK5KT3hmvS VUSJG5y+AL7O7eyt5kPIfAHUWCqzwO67V9B9d0/NCb+J3GoVTvgdIT30HoelH+b+Tlq9 DHYI5Mnarki4cC1UBGv1vLy38fHhZYi8Nvog8kSSWQbIIirJo3qtJE89YmaKqsEx1VOC djaunb8XTe6QIpypslsFLLaeg4JR3vB4LSBwEDC/YZf6CLVgyG4jR0V4HCyenXsuCEDe hNZORQao1Uxk1Qt531zvniAmd2zM/4jN4mFXtjs1AsT5MPkpZmchSElRHvwPdZt3ZwRr kDvw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:to:from:subject:message-id:date:user-agent :mime-version:content-transfer-encoding:content-language; bh=qykRQ91ZXp4/vTuZwzyy2j6zpFsDjVtIRgdXSWd6sM0=; b=LAy5Gxq1bClUg4LiH15rEC3cxwXtFE8vBRWJPXlfU/unGLS2fPeIyubm9genE3xyWk X5DpEFgbz4z7ceLiUXspWgszLb2myD3e2jQnr7vzr9FImU+d5qnsoURrWt/n5/9h7Flo Vlz9uJ9Zc/KHfZYEnLjZiss/x3SdUuFmkEoF0+T9PY89ZadQ4wIS33GkfOuFj5ySbizE ptQDa9WTTt1EVyNAcDROUEiPD2x5fXaiNaTXwoQ/7+iCs5wGkE6hIZrke7d4Y+3/VEOL ctZxf92nrlOaGDP54uHURMGvqbE+0WTtRZet8iiDwuguCQGfDO4Nm4ssxQnbbApo8IBm Hwtw==
X-Gm-Message-State: AOAM530/qV2BNH/S8kO05w22D4Fq4hOhULSfSBYVR1V+PMCXivLxOXtt RSaT/aH2As/h38xtM10E0lkCqjXNnhxjOA==
X-Google-Smtp-Source: ABdhPJw9+EzuITsuAMCh+aGE5SYypQCC6W+2u5GIeEM8DBoYIiqZwb8DOCYt2cxA8srJqcshBc3aUQ==
X-Received: by 2002:aa7:8a88:0:b029:19d:8f05:b7a6 with SMTP id a8-20020aa78a880000b029019d8f05b7a6mr4255476pfc.39.1607555155167; Wed, 09 Dec 2020 15:05:55 -0800 (PST)
Received: from mike-mac.lan (107-182-41-154.volcanocom.com. [107.182.41.154]) by smtp.gmail.com with ESMTPSA id d1sm3643388pfh.138.2020.12.09.15.05.53 for <dmarc@ietf.org> (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Wed, 09 Dec 2020 15:05:54 -0800 (PST)
To: "dmarc@ietf.org" <dmarc@ietf.org>
From: Michael Thomas <mike@mtcc.com>
Message-ID: <c2df8f16-eb3f-d400-2466-b82f5b1ecdfe@mtcc.com>
Date: Wed, 09 Dec 2020 15:05:52 -0800
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:78.0) Gecko/20100101 Thunderbird/78.5.0
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Content-Language: en-US
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/GLZnVfDUjEAsCqGdOXySy1mNaqQ>
Subject: [dmarc-ietf] are mailing lists worth saving?
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 09 Dec 2020 23:05:57 -0000

I know it's heresy on an ietf list to suggest it, but we know that 
amount of traffic going through mailing lists is tiny -- like a couple 
percent. The amount of traffic going through other forms of manglers has 
to be even farther down in the long tail of traffic. Mailing lists arose 
because that's pretty much the only way you could get one to many 
communication (ignoring usenet). But with the rise of the web that 
ceased being true, and a lot of that traffic is now just web-based 
forums, etc.

The benefit for DMARC, of course, is that we could just pick the few 
nits left in the spec and call it a day knowing that p=reject is 
perfectly fine in a mailing-list-as-historic world. IETF has always been 
pretty retrograde and conservative -- I mean, a thousand long thread of 
hand wringing about FTP fergawdsake on the ietf list shows that. But 
mailing lists are seriously ancient technology and maybe they like FTP 
have outlived their usefulness for all of the trouble they cause.

Would it even take all that much effort? Mailing lists could easily be 
gatewayed to something that sinks the messages and provides a UI to 
read  them if your home domain is set up as p=reject. For all I know, 
such services already exist. Something with its own UI could even create 
the UI such that it even preserves the DKIM signature! No need to modify 
things in-band.

Basically just declare that mailing lists do not meet the security 
requirements of the modern internet and they are an intractable problem 
without a good solution... just like FTP.

Mike

v2.23.0 | Report a Bug | By Email