IETF Logo Mail Archive

Re: [dmarc-ietf] Signaling MLMs

Scott Kitterman <sklist@kitterman.com> Sat, 15 April 2023 03:24 UTC

Return-Path: <sklist@kitterman.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D1A2AC14CEFE for <dmarc@ietfa.amsl.com>; Fri, 14 Apr 2023 20:24:52 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.096
X-Spam-Level:
X-Spam-Status: No, score=-2.096 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=neutral reason="invalid (unsupported algorithm ed25519-sha256)" header.d=kitterman.com header.b="1WOaE8RA"; dkim=pass (2048-bit key) header.d=kitterman.com header.b="GUhGvMnt"
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id AfHVUf_VLAsO for <dmarc@ietfa.amsl.com>; Fri, 14 Apr 2023 20:24:47 -0700 (PDT)
Received: from interserver.kitterman.com (interserver.kitterman.com [64.20.48.66]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5CA57C15152E for <dmarc@ietf.org>; Fri, 14 Apr 2023 20:24:44 -0700 (PDT)
Received: from interserver.kitterman.com (interserver.kitterman.com [64.20.48.66]) by interserver.kitterman.com (Postfix) with ESMTPS id A3F2EF802AE for <dmarc@ietf.org>; Fri, 14 Apr 2023 23:24:33 -0400 (EDT)
DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/simple; d=kitterman.com; i=@kitterman.com; q=dns/txt; s=201903e; t=1681529058; h=from : to : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type : from; bh=basJJp23Q6iITbgObIfD5XBZ5PfFLe+AiQjdVJLap1Y=; b=1WOaE8RAMzB8zgseLKXyOqp5CEorhy9itPdbiuFAHxmkdxsacPF3W2zTYM5/QOrFCz+SR MXAUnrKqn9ew1UUDg==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kitterman.com; i=@kitterman.com; q=dns/txt; s=201903r; t=1681529058; h=from : to : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type : from; bh=basJJp23Q6iITbgObIfD5XBZ5PfFLe+AiQjdVJLap1Y=; b=GUhGvMntJIyhgdij5mGoNGaHjWFD1lWeaXbC7Gjl9stQDuR9lpvwwoT92MhfRCkLk5tNN fIkcQ2qhAKt+eNKRb9hxIz5lCJjV1AAX5c9gq0S4sdn1Ey1c3THD6fs4xwuxojMgzr5NOPm D0EbkH/1HvzJK67IQCMiyIATPRmhUQRr8iL8Xzo1JcySYZ4SlOyFfaW8nTl203yIE+nVz+D zhz6c3osYLP4ygpRgwkuHwDStg+OwGAFyOgylaoCCyLe3rQyWOep0VAORe5ZoUR9W3F390s DTcrSJnucmAWI5aJYMd/UeRTmCQV6AVObN7QuXuNTv9Tiogco7McdDPbABYg==
Received: from localhost.localnet (static-72-81-252-22.bltmmd.fios.verizon.net [72.81.252.22]) by interserver.kitterman.com (Postfix) with ESMTP id 6EA1DF80270 for <dmarc@ietf.org>; Fri, 14 Apr 2023 23:24:18 -0400 (EDT)
From: Scott Kitterman <sklist@kitterman.com>
To: dmarc@ietf.org
Date: Fri, 14 Apr 2023 23:24:14 -0400
Message-ID: <19178820.EVbMYgQtk6@localhost>
In-Reply-To: <4b5aa1d9-dcb0-4abd-a149-b6bae30349f7@app.fastmail.com>
References: <CAL0qLwZc2X7tyP+_8vvL3Yb7uJk6td3XGbsXUB68BNUEMhV4yQ@mail.gmail.com> <CAL0qLwZToWMh3cO-1zvvMZBFvo2o_PF+aRD58kAEZ0OObOcQNA@mail.gmail.com> <4b5aa1d9-dcb0-4abd-a149-b6bae30349f7@app.fastmail.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="us-ascii"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/l_6KsESt5YgZbHvzM81NzvnYWso>
Subject: Re: [dmarc-ietf] Signaling MLMs
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 15 Apr 2023 03:24:53 -0000

On Friday, April 14, 2023 10:31:33 PM EDT Jesse Thompson wrote:
> On Fri, Apr 14, 2023, at 7:17 PM, Murray S. Kucherawy wrote:
> > The Sender's users being denied the ability to participate in a list due
> > to its policies seems to me like it puts this customer service problem
> > where it belongs.
> Let's say, tomorrow, IETF configures this list to reject Todd's mail (as
> well as for every other member with p=reject) and/or disables from
> rewriting. Does Todd's domain owner care? No. Todd cares. Todd can't argue
> with his CISO and IT security team and biz dev team and public relations
> team and legal team and all of the other forces that caused his domain
> owner to publish p=reject. But he can argue with IETF for making the
> decision to make the change, because he feels like the IETF considers him
> an important stakeholder.
> 
> It's this list's customer service problem, like it or not.
> 
> After calling IETF customer service, Todd finds out his options are:
> 1. Create an email address in a domain that houses members of the general
> public, instead of one that represents his identity as a member of a
> company. 2. Don't participate in the list.
> 
> But Todd is really important to this list, and doesn't like these options.
> Surely something can be done for an old friend? John, having been escalated
> this customer service dilemma seeks DMARCbis for guidance and finds:
> 
> ...MUST NOT p=reject...
> (Todd's company is pretty clearly stating Todd mustn't be representing his
> company on any mailing list.)
> 
> ...Domain Owner MUST provide a different domain with p=none for mailing list
> participants. (Maybe they do, maybe they don't, but it's worth asking.)
> 
> ...Mailbox providers MUST NOT reject or quarantine email based solely on a
> DMARC policy violation. (John could ask each mailbox provider to create an
> exception to their DMARC policy enforcement)
> 
> and he also finds something like:
> 
> ...If a mailing list would like to provide the best customer experience for
> authors within domains that violate the "MUST NOT p=reject" and to deliver
> the author's mail to mailbox providers violate their "MUST NOT solely
> enforce", for those authors the mailing list MUST rewrite the From header
> to use a different domain. This is a new mode of interoperability the
> mailing list may choose to adhere to.
> 
> John now knows what he MUST do to provide the best customer experience given
> the reality he finds himself in with an important stakeholder. He can
> choose to ignore that MUST as much as the domain owners and mailbox
> providers will choose to ignore their MUST NOTs.
> 
> I feel like there will be very few mailing lists that will ever stop
> rewriting (among those who are doing it), especially if DMARC adoption
> (publishing and enforcement) continues to rise. This is the new way of
> interoperating, in reality.
> 
> Throw them a bone so that they have a MUST to justify the things they had to
> do to interoperate all this time. It's not as easy for them to justify
> their reality with only this page
> <https://wiki.asrg.sp.am/wiki/Mitigating_DMARC_damage_to_third_party_mail>
> to lean on.

Or Todd gets a Gmail account for his IETF work and doesn't bother tilting at 
windmills.

Scott K

v2.23.0 | Report a Bug | By Email