Re: [dmarc-ietf] Rethinking DMARC for PSDs

"Douglas E. Foster" <> Mon, 08 April 2019 13:50 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 9EC6D120312 for <>; Mon, 8 Apr 2019 06:50:21 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 1old5TAomd6i for <>; Mon, 8 Apr 2019 06:50:19 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 83BB712030F for <>; Mon, 8 Apr 2019 06:50:19 -0700 (PDT)
X-ASG-Debug-ID: 1554731416-0990573e6344a20001-K2EkT1
Received: from ( []) by with ESMTP id 9uo7JcBaU3d0JXox (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NO); Mon, 08 Apr 2019 09:50:17 -0400 (EDT)
X-ASG-Whitelist: Client
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=s1025; h= content-type:mime-version:message-id:reply-to:date:subject:to:from; bh=wW6DlRcZWlmVNX6kiXZCESTk4vhMGTfzaFdJzY+FKBI=; b=qE0zo3yfObAdbwqKGjejlkWkHnEXlDngdR0ZK64bzdouK/kIUJHiCG95VkDWPSyRn ptyJXnRW4HcGIyt9Nn3zJTy5oTN24ZK280hEpWuq9/mXUfzpqOOBEdcRc/gxhQHA2 aunTHyeNoWb+wlszS6UlFxQ2+WqAPP14rUqs+lykY=
Received: by via HTTP; Mon, 8 Apr 2019 09:50:08 -0400
From: "Douglas E. Foster" <>
To: "John R Levine" <>
CC: <>
Date: Mon, 8 Apr 2019 09:50:08 -0400
X-ASG-Orig-Subj: Re: [dmarc-ietf] Rethinking DMARC for PSDs
Message-ID: <>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary=271c455e40294ad1bdc29618c5876ea0
X-Originating-IP: []
In-Reply-To: <alpine.OSX.2.21.1904080939220.13124@ary.qy>
References: <20190408005045.5EC462011B2BFE@ary.qy> <> <alpine.OSX.2.21.1904080939220.13124@ary.qy>
X-Exim-Id: e4eeecd07b4a482096e5f0eeb2cc5d45
X-Barracuda-Start-Time: 1554731417
X-Barracuda-Encrypted: ECDHE-RSA-AES256-SHA384
X-Virus-Scanned: by bsmtpd at
X-Barracuda-Scan-Msg-Size: 4235
X-Barracuda-BRTS-Status: 1
Archived-At: <>
Subject: Re: [dmarc-ietf] Rethinking DMARC for PSDs
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Mon, 08 Apr 2019 13:50:22 -0000

RBLs are alive and well.
 I understand the risk of helping the bad guys, but I think the evidence is 
that silence is hurting the good guys more than the bad guys. 
 My focus is on defining a framework for discussing product capabilities, 
while leaving room for vendors to add value above the minimum 
 Demonstrating email legitimacy is essentially a protocol between sender 
and receiver.   IETF has only defined one half of the protocol, so why 
should we be surprised that the conversation is broken.   Expertise can be 
assembled; the task is desperately needed.
 In the interim, I am open to recommendations for good spam filters.   I 
have been trying to avoid disparaging the bad ones by name in a public 
 Doug Foster

 From: "John R Levine" <>
Sent: Monday, April 8, 2019 9:41 AM
To: "Douglas E. Foster" <>
Subject: Re: [dmarc-ietf] Rethinking DMARC for PSDs   
> Since bad email filters are the problem, why is there no IETF working
> group to define the expected behavior of email filters? More
> importantly, can we start one NOW?

It's kind of outside the IETF's expertise -- there are people in the IETF
(not in this WG) who believe that DNSBLs were a failed experiment in the
1990s and nobody uses them any more.

There's also the perverse incentive that if you define the way filters
work, you're giving bad guys a road map to avoid them.

John Levine,, Taughannock Networks, Trumansburg NY
Please consider the environment before reading this e-mail.