IETF Logo Mail Archive

Re: [dmarc-ietf] Signaling MLMs

"Murray S. Kucherawy" <superuser@gmail.com> Sat, 15 April 2023 02:57 UTC

Return-Path: <superuser@gmail.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 22A6BC14CE40 for <dmarc@ietfa.amsl.com>; Fri, 14 Apr 2023 19:57:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.097
X-Spam-Level:
X-Spam-Status: No, score=-7.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 66xQyzuBmCVt for <dmarc@ietfa.amsl.com>; Fri, 14 Apr 2023 19:57:27 -0700 (PDT)
Received: from mail-ed1-x52c.google.com (mail-ed1-x52c.google.com [IPv6:2a00:1450:4864:20::52c]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 990C5C14CE33 for <dmarc@ietf.org>; Fri, 14 Apr 2023 19:57:27 -0700 (PDT)
Received: by mail-ed1-x52c.google.com with SMTP id 4fb4d7f45d1cf-504d149839bso434479a12.1 for <dmarc@ietf.org>; Fri, 14 Apr 2023 19:57:27 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20221208; t=1681527446; x=1684119446; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=tPyGS2hYnRq9y1E0Uyn+QKolYS5nsUCwb8sPlLOQdvc=; b=JIsIiij1BpdpR5boPdbN4q4NsoGWMm1YfgTa/p4fGcxxPtNa9vxMFwzQVDQrpZVOVb OdxjRcRi2NOcqBM2FGK1pWNqSe1B0EtT3ByWE18Elg52ZVWTqK11y1jD0RReWDtT6yGt mYfvXLASF25JYRUWO/TCJadkfMicRTzXrsDuyGjWuIoB79U1vP5dJmCcY3WbGZ21eD7x K/EmeG1gFrDduAkiddJfVdWGYl4HsN8fJVE5/bVj03FqEF5gHfm7mnNze69D8EROzT8J OCopDsMBxoS/Mk9QAPHf68cNy1ShFygXABGQLxOqIhiaCeVnjKoRMYijqhfz59Uk2wCt i9Cw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1681527446; x=1684119446; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=tPyGS2hYnRq9y1E0Uyn+QKolYS5nsUCwb8sPlLOQdvc=; b=ajOQQES438RPJPya2xRPgnfgmMEAyBRUCV9QEPY5BLsVJLcJWhfH0P+gWdf9xDuTJI OM+YrrWjVR6A/psiaWh2r76xfyTPgDUp6ZlxSVNBrp69AX9qnTejYueONBW8PWjI4gAM p7oarxaJdddA7dWaOXfnM8DZ/5i/v2MCdFAahq98yGRTS2Ca/hxJxn+2UIjs3ilcnNsS fxj47vwOd6QqSH7DEKWdnCpGA3LK0+SFv9+95GYFm22zgwvecAYmUH4LW29f4Lc1T4a8 Hzben1d0GnxeworympUyr/ngoUEW/3qYQCc6rMYFrKZH/RkcxaOkE+5nxljODea/B7wM JnXQ==
X-Gm-Message-State: AAQBX9e2pif5gHisec6x6ujAw7jbzmZNUrmIGPbLrX5BWZ1vuVJDnop8 OBSmmax2jXSTQ4o5RrQb6ItrAluJ9bmR/tcpQRM=
X-Google-Smtp-Source: AKy350Ybbhf+n0uboMAfRC1c6/Ss2dTSZDPiWRu51N3kBM/9b+JalYU+x4P+XKiJzdH7/bC9TUhRuvMg+jLD3uNummY=
X-Received: by 2002:a17:906:7a4e:b0:94e:d5d7:67eb with SMTP id i14-20020a1709067a4e00b0094ed5d767ebmr3341694ejo.5.1681527445646; Fri, 14 Apr 2023 19:57:25 -0700 (PDT)
MIME-Version: 1.0
References: <CAL0qLwZc2X7tyP+_8vvL3Yb7uJk6td3XGbsXUB68BNUEMhV4yQ@mail.gmail.com> <909C826B-2745-4BE8-AD16-920E6DE86D1C@kitterman.com> <329db752-fdeb-7633-ede1-06e435db1c0e@tana.it> <6600461.14hOuAKI9C@localhost> <CAH48Zfwgyr6EGb1Ty3v7gVzEDbMr5dig_GVz79gwqx4F0zsEZA@mail.gmail.com> <CAL0qLwZToWMh3cO-1zvvMZBFvo2o_PF+aRD58kAEZ0OObOcQNA@mail.gmail.com> <4b5aa1d9-dcb0-4abd-a149-b6bae30349f7@app.fastmail.com>
In-Reply-To: <4b5aa1d9-dcb0-4abd-a149-b6bae30349f7@app.fastmail.com>
From: "Murray S. Kucherawy" <superuser@gmail.com>
Date: Fri, 14 Apr 2023 19:57:13 -0700
Message-ID: <CAL0qLwaJU66JLE_GbUcyzR75Zbf25_i_c+v57NVKOoYNPp8CNw@mail.gmail.com>
To: Jesse Thompson <zjt@fastmail.com>
Cc: dmarc@ietf.org
Content-Type: multipart/alternative; boundary="00000000000013f07205f9571eef"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/T-nKSkxdVIdhbCYNiv2pxQQibd8>
Subject: Re: [dmarc-ietf] Signaling MLMs
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 15 Apr 2023 02:57:28 -0000

On Fri, Apr 14, 2023 at 7:32 PM Jesse Thompson <zjt@fastmail.com> wrote:

> On Fri, Apr 14, 2023, at 7:17 PM, Murray S. Kucherawy wrote:
>
> The Sender's users being denied the ability to participate in a list due
> to its policies seems to me like it puts this customer service problem
> where it belongs.
>
>
> Let's say, tomorrow, IETF configures this list to reject Todd's mail (as
> well as for every other member with p=reject) and/or disables from
> rewriting. Does Todd's domain owner care? No.
>

This is where it breaks down for me.

What's the calculus here?  The domain owner decides that protecting its
name in this one targeted way is so valuable that it's fine with whatever
negative impact it has downstream?  And we're supposed to be OK with giving
this sort of approach a blanket green light by not declaring such use of
DMARC not interoperable?  And we're fine with giving their biz dev, PR,
legal, and all the other teams you named a pass on dealing with the
aftermath?  Because as I think you can see, those are not the teams in the
trenches figuring this out.

Why do you believe that the domain owner and its users shouldn't feel the
pain for such a decision?  That its customers go someplace else that does
care about these things?  Or that it has to split its mail flows into
something general purpose and something transactional in the name of
continued interoperability?

Before this domain turns on "p=reject", the MLM didn't have a customer
service problem.  Now it suddenly does, not through any change it made, but
rather because one of its subscriber's domains set that policy, and some
other subscriber's domain elects to enforce it.  Does that seem right to
you?  Because that's what all of this did to the IETF, for example.


> Todd cares. Todd can't argue with his CISO and IT security team and biz
> dev team and public relations team and legal team and all of the other
> forces that caused his domain owner to publish p=reject. But he can argue
> with IETF for making the decision to make the change, because he feels like
> the IETF considers him an important stakeholder.
>

So push on the smaller operator, not the ones imposing the change that
suddenly renders well established practices invalid.  That seems like the
right solution to you?

-MSK, participating

v2.23.0 | Report a Bug | By Email