Re: [dmarc-ietf] A policy for direct mail flows only, was ARC questions

Michael Thomas <> Wed, 02 December 2020 19:29 UTC

To: Brandon Long <>
From: Michael Thomas <>
Date: Wed, 2 Dec 2020 11:29:19 -0800
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <>

On 12/1/20 6:21 PM, Brandon Long wrote:
> On Tue, Dec 1, 2020 at 10:07 AM Michael Thomas <> wrote:
>     On 11/30/20 8:56 PM, Brandon Long wrote:
>>     Right, some of the other dkim-light or diff concepts we discussed
>>     would be better than using l=
>>     We again got hung up on the 100% solution, though... something
>>     that handled subject-prefix and
>>     footer in a transport agnostic way might have worked.  The fact
>>     that DKIM isn't transport agnostic
>>     is an Achilles heel to even that, though, since we'd have to come
>>     up with a new canonicalization
>>     and get it to widespread adoption before the simple diff could
>>     work.  Or require mailing lists to
>>     be a lot more strict in how they do their email rewriting, but I
>>     imagine that's harder work than
>>     even ARC.
>     Frankly all it would take is a google or another large mail
>     provider to publicly state that unless a mailing list supports BCP
>     XYZ, your mail will be subject to very strict scrutiny and likely
>     not delivered to get the attention of mailing list providers. That
>     was my suggestion back in the day but it was scoffed at because
>     people could point to some edge case that generates .001% of list
>     traffic and thus invalidating the entire approach. The best is
>     definitely the enemy of the good here.
>     People really need to keep in mind that service provider email is
>     not the only game in town. That point keeps getting lost.
> Arguably we're all here because a large mail provider did make such a
> change (though to be fair, there were plenty of others who wanted to 
> make that change).
> While Google might be able to help move things along, there would need 
> to be strong community support for that, no one wants to go this alone 
> and look like the big bully.
> I also think that you're overestimating what we could do. Ultimately, 
> we serve our customers, and they want their legitimate email, even if 
> it doesn't support BCP XYZ.

Well obviously the BCP would have to come first and there would have to 
be community buy-in to create such a BCP, but a Google participating in 
creating such a BCP ought to pique the interests of people who make mailing
list software who obviously have the biggest stake in this.

It occurs to me that it might not even be a BCP. Maybe mailing lists can 
just create a header with sed commands to undo their changes :)
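
The "undo" idea from the last paragraph, as an added example that is not part of the original message or of any list software: a list that prefixes the Subject and appends a footer changes the DKIM body hash (`bh=`), and a record of those two changes lets the receiver restore the signed content and recompute the hash. The undo record's field names, the sample message and the list name are constructed for illustration; only the relaxed body canonicalization follows RFC 6376, and the header hash and signature check are left out.

```python
import base64
import hashlib
import re

def relaxed_body(body: bytes) -> bytes:
    """DKIM 'relaxed' body canonicalization (RFC 6376, section 3.4.4)."""
    lines = body.split(b"\r\n")
    # Collapse runs of space/tab to one space, then drop trailing whitespace.
    lines = [re.sub(rb"[ \t]+", b" ", ln).rstrip(b" ") for ln in lines]
    # Ignore all empty lines at the end of the body.
    while lines and lines[-1] == b"":
        lines.pop()
    return b"".join(ln + b"\r\n" for ln in lines)

def body_hash(body: bytes) -> str:
    """Value a verifier compares against the signature's bh= tag (sha256)."""
    return base64.b64encode(hashlib.sha256(relaxed_body(body)).digest()).decode()

def list_rewrite(subject: str, body: bytes, prefix: str, footer: bytes):
    """Typical list changes, plus a hypothetical record of how to undo them."""
    undo = {"subject-prefix": prefix, "footer-len": len(footer)}
    return prefix + subject, body + footer, undo

def undo_rewrite(subject: str, body: bytes, undo: dict):
    """Reverse the recorded changes; reject a record that does not fit."""
    prefix, n = undo["subject-prefix"], undo["footer-len"]
    if not subject.startswith(prefix) or n > len(body):
        raise ValueError("undo record does not match this message")
    return subject[len(prefix):], body[:len(body) - n]

# Constructed sample message and list decorations.
ORIG_SUBJECT = "ARC questions"
ORIG_BODY = b"Hello list,\r\n\r\nDoes anyone verify  ARC here?  \r\n"
PREFIX = "[example-list] "
FOOTER = b"_______________\r\nexample-list mailing list\r\n"

def demo():
    signed_bh = body_hash(ORIG_BODY)                 # what the author's signer computed
    subj, body, undo = list_rewrite(ORIG_SUBJECT, ORIG_BODY, PREFIX, FOOTER)
    listed_bh = body_hash(body)                      # what the receiver sees
    r_subj, r_body = undo_rewrite(subj, body, undo)
    return signed_bh, listed_bh, body_hash(r_body), r_subj

if __name__ == "__main__":
    signed, listed, restored, subject = demo()
    print("after list rewrite:", "match" if listed == signed else "bh mismatch")
    print("after undo        :", "match" if restored == signed else "bh mismatch")
    print("restored subject  :", subject)
```

The undo record itself is unauthenticated input, so it earns no trust on its own: it is only useful if the author's original DKIM signature verifies over the restored message.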