Re: [dmarc-ietf] DMARC-Compliant Mailing Lists
Douglas Foster <dougfoster.emailstandards@gmail.com> Thu, 07 October 2021 10:52 UTC
Return-Path: <dougfoster.emailstandards@gmail.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BBAFD3A0E1E for <dmarc@ietfa.amsl.com>; Thu, 7 Oct 2021 03:52:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hgkoDS0jTW2W for <dmarc@ietfa.amsl.com>; Thu, 7 Oct 2021 03:52:18 -0700 (PDT)
Received: from mail-ot1-x335.google.com (mail-ot1-x335.google.com [IPv6:2607:f8b0:4864:20::335]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5C1083A0E89 for <dmarc@ietf.org>; Thu, 7 Oct 2021 03:52:10 -0700 (PDT)
Received: by mail-ot1-x335.google.com with SMTP id j11-20020a9d190b000000b00546fac94456so6966400ota.6 for <dmarc@ietf.org>; Thu, 07 Oct 2021 03:52:10 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=+ebt5m/IQZN8FXpgnYVBOWGjdXFWp+UuEACZh4cs6mY=; b=Helb3tZwzYAERcrBypjbfVcQGtHaJL4MVS5mWs6lGMx8G7wR3DzUez4CLoLwZpY/M/ v4ER0Y1zi1NTAbsLYQ3XdAg9cPgu2tKL2kOWGMq4KFROxpbIqtaVr0x8uZobJ0wepvEZ E/AxB6YEMHk9E4UT3aV/MIhhsCyjOP4YUhLmZ06Q7YhhoPHffE9r/mRb0KavhBiIvLFi PS4VB93ovwqhsVlnFp1XEdYEqRC7qWXok9w/8VQHIPxTZNLnVU7k+ty0JwZgYnXeLHOI gGNphCgON/Z1Ez+5wzFCdxMpfkE0MBS6hSvipaFwJdOu4bSIoXPUpqDcxMLE8+arkKs1 YQ7Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=+ebt5m/IQZN8FXpgnYVBOWGjdXFWp+UuEACZh4cs6mY=; b=izgELOHWReQ7eU6RckZr97PQ1CVcuvK3oT9UwqtPBtKoYttraUu+UKboLT5qqBUP9/ XYyTfC+DUgLAkca28b4Vruhk6jB6CnrHbSvNKsg3KLq1lPp1tZ4IeIzI8HzjdUkWLgSP y9yart4laYCp3nyG2GhkHSSXIb1bCHndsMzNc/ilMkaqEKAsyNWrNr9dRIL0cZmBEhx1 YJkdZErRrfyPFArwaLUs2fwrsLfCzEiVhIAKTOpKpi9TEcnopxHY2F4pN9IrKBoyJUoW mHKSPjlGD3ZzX/Wlo7IcIedwEZzeilQS7+8VorVOu8QwYw3KO5fHmkCiCLJO7XNDkugU cuxw==
X-Gm-Message-State: AOAM530Zqbd/pbNnq2yESJpfeN3BNNmv37IZtr5HtzIBVvDENjRyGnP7 sWLZ3QKYMxT3oTHemSn7HLZIwxuB0XKUJafAvbV1JfHV
X-Google-Smtp-Source: ABdhPJx1L8O2qYmPzJuu+JBQe310Hy8gBkCTFKTppTjARnL3biv7wfyF5R92TIAilBrvljfB20U5oqTNpXUp4jSl+tc=
X-Received: by 2002:a9d:5d05:: with SMTP id b5mr2841100oti.153.1633603929507; Thu, 07 Oct 2021 03:52:09 -0700 (PDT)
MIME-Version: 1.0
References: <163330644504.4498.4372063758638317614@ietfa.amsl.com> <CAH48ZfzMU+ky5da+KL3Ye8kcsrxBfjLYsxKwomsgz3b5jJb-Sw@mail.gmail.com> <00e6935a-3653-b6a9-988a-5f6c56a79d1f@baptiste-carvello.net> <CAH48ZfyK+HMPFx-D3ym1tozkpV+n8dEbchazam9S65wEwdA+tQ@mail.gmail.com> <cf6b221c-014a-f49a-3ad1-866154122b7d@baptiste-carvello.net> <CAH48ZfysiUArXWW=dZd60NXaV6He=XR9z+u7dmSYGVk-8XzbMQ@mail.gmail.com> <76957191-f98b-e405-8736-a51fb8b49c5f@tana.it>
In-Reply-To: <76957191-f98b-e405-8736-a51fb8b49c5f@tana.it>
From: Douglas Foster <dougfoster.emailstandards@gmail.com>
Date: Thu, 07 Oct 2021 06:51:59 -0400
Message-ID: <CAH48ZfzWLyzrL25GJ1A9VZAebc3BoavLturYiRrwaB4SibJRng@mail.gmail.com>
To: Alessandro Vesely <vesely@tana.it>
Cc: IETF DMARC WG <dmarc@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000ec097705cdc10d67"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/O-SwjFr0sBv_CWLndPRToa3sLZg>
Subject: Re: [dmarc-ietf] DMARC-Compliant Mailing Lists
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 07 Oct 2021 10:52:34 -0000
OK, I will talk real. Message rewriting is a privileged function, because it can be misused. Privileges require trust and trust requires a trusted identity. In this context, the privilege has to be granted by the evaluator, and the list has to know that the evaluator has granted that privilege. You have two options: - use only the list organization identity, so that the evaluation is based on the list identity, OR - register with the evaluator, so that you are granted privileged status to use other organization identities, and know that you have been granted privileged status. ARC fails on exactly this point. ARC only works if the evaluator examines ARC and the List knows that the evaluator will use ARC to allow list messages. Without that knowledge, the list has to assume an absence of trust and use a fallback method of sender rewrite. When 60% of the world implements ARC, we will still need 100% From-munging, unless there is out-of-band communication between the evaluator and the list. Doug On Thu, Oct 7, 2021 at 5:06 AM Alessandro Vesely <vesely@tana.it> wrote: > On Thu 07/Oct/2021 00:32:30 +0200 Douglas Foster wrote: > > I can define three ways that a list can be reliably identified. > > The list bounce address is known to the evaluator, and: > > - The list bounce address is known to the evaluator and the message is > DKIM-signed by the list bounce address. > > - The list bounce address is known to the evaluator, is the message's > MailFrom address, and the message produces SPF PASS. > > - The list's server identities are known to the evaluator, and can be > verified by IP address and/or Forward-confirmed DNS. > > > How come a list is known to the evaluator? I don't want to go hunting > each and > every mailing list I ever subscribed to, let alone pester my users for > doing so > in turn. > > For wet dreams, I did outline a three-way opt-in whereby servers become > aware > when their users subscribe to mailing lists... Let's talk real. > > > Best > Ale > -- > > > > > > > > > _______________________________________________ > dmarc mailing list > dmarc@ietf.org > https://www.ietf.org/mailman/listinfo/dmarc >
- [dmarc-ietf] DMARC-Compliant Mailing Lists Douglas Foster
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Alessandro Vesely
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists John Levine
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Baptiste Carvello
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Douglas Foster
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Baptiste Carvello
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Alessandro Vesely
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Douglas Foster
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists John Levine
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Douglas Foster
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Scott Kitterman
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Laura Atkins
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Alessandro Vesely
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Alessandro Vesely
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Laura Atkins
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Douglas Foster
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Douglas Foster
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Alessandro Vesely
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Scott Kitterman
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Barry Leiba
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Baptiste Carvello
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Dave Crocker
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Murray S. Kucherawy
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Dave Crocker
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Barry Leiba
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists John Levine
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Dave Crocker
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Benny Pedersen
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Definitely Alessandro Vesely no question
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Douglas Foster
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Scott Kitterman
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Benny Pedersen
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Alessandro Vesely
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Scott Kitterman
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Scott Kitterman
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Dave Crocker
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Alessandro Vesely
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Scott Kitterman
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Dave Crocker
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Dave Crocker
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Scott Kitterman
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Dave Crocker
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Scott Kitterman
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Scott Kitterman
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Dave Crocker
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Dave Crocker
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Scott Kitterman
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Dave Crocker
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Alessandro Vesely
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Dave Crocker
- Re: [dmarc-ietf] bad senders, was DMARC-Compliant… John Levine
- Re: [dmarc-ietf] Oh, the mail, it is a-changin', … John Levine
- Re: [dmarc-ietf] Oh, the mail, it is a-changin', … Dave Crocker
- Re: [dmarc-ietf] Oh, the mail, it is a-changin', … John R Levine
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Scott Kitterman
- Re: [dmarc-ietf] Oh, the mail, it is a-changin', … Dave Crocker
- Re: [dmarc-ietf] Oh, the mail, it is a-changin', … John R Levine
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Douglas Foster
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Douglas Foster
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Grant Taylor
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Alessandro Vesely
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Douglas Foster
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Douglas Foster
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Scott Kitterman
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Dave Crocker
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists John, come on
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Douglas Foster
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Scott Kitterman
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Alessandro Vesely
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Barry Leiba
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists John Levine
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Douglas Foster
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Alessandro Vesely
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Laura Atkins
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Douglas Foster
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Douglas Foster
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Alessandro Vesely
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Baptiste Carvello
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Dave Crocker
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Douglas Foster
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Murray S. Kucherawy
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Douglas Foster
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Alessandro Vesely
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists John Levine
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Douglas Foster
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Scott Kitterman
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Alessandro Vesely
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Joseph Brennan
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists John Levine
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Alessandro Vesely
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Scott Kitterman
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Grant Taylor
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Baptiste Carvello
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Scott Kitterman
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists John Levine
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Benny Pedersen
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Douglas Foster
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Douglas Foster
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Alessandro Vesely
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Baptiste Carvello
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Dave Crocker
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Benny Pedersen
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Benny Pedersen
- Re: [dmarc-ietf] DMARC-Compliant Mailing Lists Alessandro Vesely