Re: [dmarc-ietf] ARC vs reject

John R Levine <johnl@taugh.com> Sun, 06 December 2020 04:14 UTC

Date: 5 Dec 2020 23:14:18 -0500
Message-ID: <d8dc2644-cbcf-d3a1-c5fb-46fdf5bec819@taugh.com>
From: "John R Levine" <johnl@taugh.com>
To: "Jim Fenton" <fenton@bluepopcorn.net>
Cc: dmarc@ietf.org
In-Reply-To: <A7E1018B-F6B1-46F3-8FEF-69FDC744DA4A@bluepopcorn.net>
References: <20201205210351.DB78E2904420@ary.qy> <28759E60-3A00-4D25-9490-34495B96EE10@bluepopcorn.net> <9c23d850-4164-1320-1c25-40554c1f64b@taugh.com> <A7E1018B-F6B1-46F3-8FEF-69FDC744DA4A@bluepopcorn.net>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/S5vdecZWgu_369k9f4Mhse80y8M>
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>

On Sat, 5 Dec 2020, Jim Fenton wrote:
>> Of course not.  That's just the tiny gorillas stamping their teensy feet. 
>> Why would anyone expect that the people publishing that flag actually 
>> understood what it meant?  Many will just turn it on because someone said 
>> it's "more secure."
>
> FWIW, I don’t think a lot of the people publishing p=reject understood the 
> implications of that, either. This is not significantly more arcane.

Then I think we agree.  There's no difference from p=reject and 
p=reject-I-really-mean it.

> ... If the recipient domain accepts modifications by zero-reputation 
> intermediaries (because there are so many of them, after all)

I wouldn't call that a reasonable implementation of ARC.  The set of hosts 
that are likely to send you mail with interesting ARC chains is relatively 
small, and I don't think it changes very fast.  Most of the hosts that 
send you non-spam mail aren't going to send you mail that needs ARC.

If you're setting up a new mailing list host or forwarder, getting 
yourself into whatever whitelists people use will be somewhat painful but 
there's nothing new about that.

> I’d be interested in other opinions on this. Or whether this is a fundamental 
> problem with ARC.

I'd certainly be interested in hearing how people plan to compile and 
maintain their lists of ARC-worthy hosts.

Regards,
John Levine, johnl@taugh.com, Taughannock Networks, Trumansburg NY
Please consider the environment before reading this e-mail. https://jl.ly
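
The local-policy question debated in this thread (whose ARC chains a receiver honours when DMARC fails under p=reject), shown as an added example that is not part of the original message or of any mail software named here. The allowlist, the function names and the sample headers are constructed assumptions; cryptographic validation of the chain is assumed to be done by a separate verifier and passed in as `chain_verified`, and requiring every sealer to be on the list is one possible policy.

```python
from email import message_from_string

# Hypothetical local allowlist of ARC sealers this receiver has decided to trust.
TRUSTED_SEALERS = {"lists.example.org"}

def tags(value):
    """Parse 'k=v; k=v' header content, keeping the first token of each value."""
    out = {}
    for part in value.split(";"):
        if "=" in part:
            key, val = part.split("=", 1)
            out[key.strip().lower()] = (val.split() or [""])[0]
    return out

def arc_override(msg, chain_verified, trusted=TRUSTED_SEALERS):
    """Return (override, reason) for a message that failed DMARC under p=reject.

    chain_verified is the outcome of cryptographic ARC validation performed
    by a separate verifier; this function only applies local trust policy.
    """
    seals = {t["i"]: t for t in map(tags, msg.get_all("ARC-Seal", [])) if "i" in t}
    aars = {t["i"]: t for t in
            map(tags, msg.get_all("ARC-Authentication-Results", [])) if "i" in t}
    if not seals:
        return False, "no ARC chain"
    if not chain_verified:
        return False, "ARC chain failed validation"
    if set(seals) != {str(i) for i in range(1, len(seals) + 1)}:
        return False, "ARC instance numbers are not contiguous"
    untrusted = sorted({s.get("d", "?").lower() for s in seals.values()} - trusted)
    if untrusted:
        return False, "untrusted sealer: " + ", ".join(untrusted)
    if aars.get("1", {}).get("dmarc") != "pass":
        return False, "first hop did not record dmarc=pass"
    return True, "trusted chain reports original dmarc=pass"

def sample(sealer):
    """Constructed one-hop message sealed by the given domain."""
    return message_from_string(
        "ARC-Seal: i=1; a=rsa-sha256; cv=none; d=%s; s=sel; b=AAAA\n"
        "ARC-Authentication-Results: i=1; mx.%s; dkim=pass header.d=sender.example;"
        " dmarc=pass header.from=sender.example\n"
        "From: user@sender.example\nSubject: [list] hello\n\nbody\n" % (sealer, sealer))
```

A validly sealed message from a sealer that is not on the list is refused the override, which is the zero-reputation intermediary case raised in the quoted text.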