IETF Logo Mail Archive

Re: [dmarc-ietf] non-mailing list use case for differing header domains

John Levine <johnl@taugh.com> Fri, 07 August 2020 19:12 UTC

Return-Path: <johnl@iecc.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 927D73A0F62 for <dmarc@ietfa.amsl.com>; Fri, 7 Aug 2020 12:12:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.099
X-Spam-Level:
X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=iecc.com header.b=lfyLUQc1; dkim=pass (2048-bit key) header.d=taugh.com header.b=f7zgiNw2
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MNddwQfH2HCR for <dmarc@ietfa.amsl.com>; Fri, 7 Aug 2020 12:12:19 -0700 (PDT)
Received: from gal.iecc.com (gal.iecc.com [IPv6:2001:470:1f07:1126:0:43:6f73:7461]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 75CA53A0DF1 for <dmarc@ietf.org>; Fri, 7 Aug 2020 12:12:18 -0700 (PDT)
Received: (qmail 29330 invoked from network); 7 Aug 2020 19:12:17 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=iecc.com; h=date:message-id:from:to:cc:subject:in-reply-to:mime-version:content-type:content-transfer-encoding; s=7289.5f2da791.k2008; bh=agUfAqjpYzvGEbSha6L6els3qldwMXbpXCrSYF/qC+U=; b=lfyLUQc16eauzYSaD2+DXJMGoKXnfGJpW1ShJCO+hL7v7LNqiQH18iD7xcMS7Xjtxi8k0AcUbA50EvsyDeufZv6vrKhB3v5UW9xNNemXzHytdlrrwFyWxtKoJxqjiAFCFEii1FfRSZtaiwM+gY9l3MXYPNC1NO6bEV5btzuYa8extBR2FcYuKcKQu4ApFKvdETromXMxEuG3llwE9U4BssAJ1GJOywAV3Q11oTmYbAnDYOiQBrKkfE2g1QI5NZfDkNVz2gxje1iIQovMeqpTxbhyEtOm7PyI1fOu+NW/6U7/P5J3Dc2Vto6RVZfQdDR3J2V+DXaCqSof3wbPxa51Xw==
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=taugh.com; h=date:message-id:from:to:cc:subject:in-reply-to:mime-version:content-type:content-transfer-encoding; s=7289.5f2da791.k2008; bh=agUfAqjpYzvGEbSha6L6els3qldwMXbpXCrSYF/qC+U=; b=f7zgiNw204PgU8ryDthPEACHR14nVNZQuP8jy1BrZQvyi44wRQ27GskhvNA6UkR9Cb5msYcbcCR3rc43VozHP+6yU1Nl3QC4RBdT2MHJg25LVq4AYC5cO8anCwMCOydhCUU+0ukb5rTUPX0cy4j8HVEKFhWwlyxCgeqZZwasp3/8b/mKNZOEw+Mi4CPdG3tYYzTzfhsJGCtb5anpur5vg7M8ZYzujsqkg5RIcY8vCw09esI25WvlTUvvu8maIh7LwN7VtoHzZqMtPMlvKBFtaaJ8s2iI5pue3pKjDHmZMTP3kCP75FeJGykyxdNR4njm0t4Ag5Nxhb/p9OC0wtSgJw==
Received: from ary.qy ([IPv6:2001:470:1f07:1126::78:696d:6170]) by imap.iecc.com ([IPv6:2001:470:1f07:1126::78:696d:6170]) with ESMTPS (TLS1.2 ECDHE-RSA AES-256-GCM AEAD) via TCP6; 07 Aug 2020 19:12:16 -0000
Received: by ary.qy (Postfix, from userid 501) id 43E971E4014E; Fri, 7 Aug 2020 15:12:16 -0400 (EDT)
Date: Fri, 07 Aug 2020 15:12:16 -0400
Message-Id: <20200807191216.43E971E4014E@ary.qy>
From: John Levine <johnl@taugh.com>
To: dmarc@ietf.org
Cc: atyrsalvia@agari.com
In-Reply-To: <BY5PR13MB2999AD95B4BD7C80971FDA4FD7490@BY5PR13MB2999.namprd13.prod.outlook.com>
Organization: Taughannock Networks
X-Headerized: yes
Mime-Version: 1.0
Content-type: text/plain; charset="utf-8"
Content-transfer-encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/eWnaJkvJw9R3q7sH3MyD-hnOI8A>
Subject: Re: [dmarc-ietf] non-mailing list use case for differing header domains
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 07 Aug 2020 19:12:23 -0000

In article <BY5PR13MB2999AD95B4BD7C80971FDA4FD7490@BY5PR13MB2999.namprd13.prod.outlook.com> you write:
>I feel like what is happening sometimes is that central university IT is trying to drag their whole institutions into a
>more secure posture before anybody in a position to stop them fully understands what's going on lest they be told to
>stop because it might make things a little inconvenient.

I was with you up until that sentence, since it trivializes the real
problems that overly strict DMARC policies cause.

Just yesterday I was sorting out a problem with people trying to
finish editing a revised IETF standard about real-time web
applications. Some of the authors' messages were disappearing,
apparently at random. I saw what the problem was, one of the authors
is at a big company whose IT department insists on p=reject (and has
blown off complaints from fairly senior people about the problems it
causes), the other uses an MIT alumni address that recently moved its
hosting to Microsoft without telling anyone that the new host enforces
DMARC policy while the old one didn't.

My guess is that MIT figured Microsoft will host this for free, that's
great, totally unaware that some of its users' mail would silently
break.

I told them as a workaround they needed to directly cc each other when
they send anything to the group list, but the whole thing is a
self-inflicted wound.

R's,
John

v2.23.0 | Report a Bug | By Email