Re: [dmarc-ietf] A policy for direct mail flows only, was ARC questions

Michael Thomas <mike@mtcc.com> Wed, 02 December 2020 19:29 UTC

To: Brandon Long <blong@google.com>
Cc: IETF DMARC WG <dmarc@ietf.org>
From: Michael Thomas <mike@mtcc.com>
Message-ID: <d349f986-3593-5b17-be7c-fc0c3a2b6412@mtcc.com>
Date: Wed, 2 Dec 2020 11:29:19 -0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/c_c8ZXHNvDKp0nMfJn_6rSJHyTo>

On 12/1/20 6:21 PM, Brandon Long wrote:
>
>
> On Tue, Dec 1, 2020 at 10:07 AM Michael Thomas <mike@mtcc.com> wrote:
>
>
>     On 11/30/20 8:56 PM, Brandon Long wrote:
>>     Right, some of the other dkim-light or diff concepts we discussed
>>     would be better than using l=
>>
>>     We again got hung up on the 100% solution, though... something
>>     that handled subject-prefix and
>>     footer in a transport agnostic way might have worked.  The fact
>>     that DKIM isn't transport agnostic
>>     is an Achilles heel to even that, though, since we'd have to come
>>     up with a new canonicalization
>>     and get it to widespread adoption before the simple diff could
>>     work.  Or require mailing lists to
>>     be a lot more strict in how they do their email rewriting, but I
>>     imagine that's harder work than
>>     even ARC.
>>
>     Frankly all it would take is a google or another large mail
>     provider to publicly state that unless a mailing list supports BCP
>     XYZ, your mail will be subject to very strict scrutiny and likely
>     not delivered to get the attention of mailing list providers. That
>     was my suggestion back in the day but it was scoffed at because
>     people could point to some edge case that generates .001% of list
>     traffic and thus invalidating the entire approach. The best is
>     definitely the enemy of the good here.
>
>     People really need to keep in mind that service provider email is
>     not the only game in town. That point keeps getting lost.
>
> Arguably we're all here because a large mail provider did make such a 
> change (though to be fair, there were plenty of others who wanted to 
> make that change).
>
> While Google might be able to help move things along, there would need 
> to be strong community support for that, no one wants to go this alone 
> and look like the big bully.
>
> I also think that you're overestimating what we could do. Ultimately, 
> we serve our customers, and they want their legitimate email, even if 
> it doesn't support BCP XYZ.
>

Well obviously the BCP would have to come first and there would have to 
be community buy-in to create such a BCP, but a Google participating in 
creating such a BCP ought to pique the interests of people who make mailing 
list software who obviously have the biggest stake in this.

It occurs to me that it might not even be a BCP. Maybe mailing lists can 
just create a header with sed commands to undo its changes :)

Mike
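
The idea floated in the message above (a list-added header that tells the receiver how to reverse the list's subject prefix and footer so the author's DKIM body hash matches again), sketched as an added example that is not part of the original message or of any list software. The undo record, its field names and all function names are hypothetical, the sample message is constructed, and only the `bh=` body hash is checked; verifying the `b=` signature over the restored Subject would additionally need the signer's public key.

```python
import base64, hashlib, re

def relaxed_body(body: str) -> bytes:
    """DKIM 'relaxed' body canonicalization (RFC 6376, section 3.4.4)."""
    lines = body.replace("\r\n", "\n").split("\n")
    lines = [re.sub(r"[ \t]+", " ", ln).rstrip(" ") for ln in lines]
    while lines and lines[-1] == "":      # ignore empty lines at end of body
        lines.pop()
    return "".join(ln + "\r\n" for ln in lines).encode()

def body_hash(body: str) -> str:
    """Value a signer would place in the bh= tag for a=rsa-sha256."""
    return base64.b64encode(hashlib.sha256(relaxed_body(body)).digest()).decode()

def list_rewrite(subject, body, prefix, footer):
    """List side: tag the subject, append a footer, and record both edits.
    The record stands in for the hypothetical 'undo' header."""
    undo = {"subject-prefix": prefix, "footer-len": len(footer)}
    return prefix + subject, body + footer, undo

def undo_rewrite(subject, body, undo):
    """Receiver side: reverse the recorded edits; None if they do not apply."""
    prefix, n = undo["subject-prefix"], undo["footer-len"]
    if not subject.startswith(prefix) or not 0 <= n <= len(body):
        return None
    return subject[len(prefix):], body[:len(body) - n]

def verify_after_undo(orig_bh, subject, body, undo):
    """Trust the undo record only if the restored body matches the author's bh=."""
    restored = undo_rewrite(subject, body, undo)
    return restored is not None and body_hash(restored[1]) == orig_bh

# Constructed sample message (not taken from the thread's real headers).
SUBJECT = "A policy for direct mail flows only"
BODY = "It occurs to me that it might not even be a BCP.\n"
FOOTER = "_______________\ndmarc mailing list\n"
ORIG_BH = body_hash(BODY)                 # what the author's domain signed

if __name__ == "__main__":
    s, b, undo = list_rewrite(SUBJECT, BODY, "[dmarc-ietf] ", FOOTER)
    print(body_hash(b) == ORIG_BH)                    # list copy no longer matches
    print(verify_after_undo(ORIG_BH, s, b, undo))     # matches again after undo
    print(verify_after_undo(ORIG_BH, s, b.replace("BCP", "RFC"), undo))
```

Because the receiver accepts the undo record only when the restored body reproduces the signed hash, a change beyond the declared prefix and footer still fails verification.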