IETF Logo Mail Archive

Re: [dmarc-ietf] DMARC-Compliant Mailing Lists

Scott Kitterman <sklist@kitterman.com> Sat, 09 October 2021 22:08 UTC

Return-Path: <sklist@kitterman.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 46C683A0AA9 for <dmarc@ietfa.amsl.com>; Sat, 9 Oct 2021 15:08:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.1
X-Spam-Level:
X-Spam-Status: No, score=-2.1 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=neutral reason="invalid (unsupported algorithm ed25519-sha256)" header.d=kitterman.com header.b=wnKAUCnN; dkim=pass (2048-bit key) header.d=kitterman.com header.b=kueEeyqw
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PA20PIlIlwZC for <dmarc@ietfa.amsl.com>; Sat, 9 Oct 2021 15:08:45 -0700 (PDT)
Received: from interserver.kitterman.com (interserver.kitterman.com [IPv6:2604:a00:6:1039:225:90ff:feaa:b169]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 863493A0AA8 for <dmarc@ietf.org>; Sat, 9 Oct 2021 15:08:45 -0700 (PDT)
Received: from interserver.kitterman.com (interserver.kitterman.com [64.20.48.66]) by interserver.kitterman.com (Postfix) with ESMTPS id 2AA6CF80202; Sat, 9 Oct 2021 18:08:43 -0400 (EDT)
DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/simple; d=kitterman.com; i=@kitterman.com; q=dns/txt; s=201903e; t=1633817323; h=date : from : to : subject : in-reply-to : references : message-id : mime-version : content-type : content-transfer-encoding : from; bh=R8/ZTKEKVjmPUixu6zCzQn4L6pwS6A2tYTslZUpezAU=; b=wnKAUCnNYrskcfliYSNLSFc637k0YKl9Hni7qPZrtQ2hQzyAWETqff7JU1VAMlKqX5/U2 eV4Gba1W3WMf17OAw==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kitterman.com; i=@kitterman.com; q=dns/txt; s=201903r; t=1633817323; h=date : from : to : subject : in-reply-to : references : message-id : mime-version : content-type : content-transfer-encoding : from; bh=R8/ZTKEKVjmPUixu6zCzQn4L6pwS6A2tYTslZUpezAU=; b=kueEeyqwkQLvmzXc3Kr9QXgXtuJpCDG4qrOVO5Ajbp+ZXwcI38xoPWp8tiZ5rlJ9d5n2t ddPSbH2j7EL1hBRASsqk2ikAG8Z9hzZ05Xxz2ht6trlU/OGDXgYHMeh4xb5hRCbfcB0mnhw 1c7fXtMagKO3Iftseunh68+AniBfzM8GcRYHE2cp0z/i0nTCAHDAqzMJD3LXPyhkGurQ3O9 b0US99BNaYlyw77au88eUm4CNFP4/6YO/OVNeRjD1g5Md0do1VcS68rtW+A97hWAgyoCJrc teKtdkG7Yrx/cblHq50CSKqtRMv0Mi5z4PWZY719CsCx+mbyhoEmF7mTUsWA==
Received: from [127.0.0.1] (mobile-166-171-57-193.mycingular.net [166.171.57.193]) by interserver.kitterman.com (Postfix) with ESMTPSA id A161FF80156; Sat, 9 Oct 2021 18:08:42 -0400 (EDT)
Date: Sat, 09 Oct 2021 22:08:41 +0000
From: Scott Kitterman <sklist@kitterman.com>
To: dmarc@ietf.org
In-Reply-To: <CAH48Zfw81292FOXoSK9xDpG-zo9-r58Dne4Uwy+oi1SFSN_0pA@mail.gmail.com>
References: <20211006233727.24C1429DC897@ary.qy> <56B7A1D4-B683-47D3-8871-2A1F283FA464@wordtothewise.com> <c1e199f1-0c91-9c39-1479-e9ba76af493e@tana.it> <2290129.80B3yH0EHm@zini-1880> <CALaySJJ3Neo6hgEJJ80g-H4vFMJ5Y-Fc=to4R8=sa9-3pg3zgg@mail.gmail.com> <CAH48Zfw81292FOXoSK9xDpG-zo9-r58Dne4Uwy+oi1SFSN_0pA@mail.gmail.com>
Message-ID: <B379D307-9394-4FA5-8658-077354756639@kitterman.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/t5mjduyphafaPE69jTLg9DS4Cpk>
Subject: Re: [dmarc-ietf] DMARC-Compliant Mailing Lists
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 09 Oct 2021 22:08:50 -0000

Technically it's pretty easy to set up a mailing list which doesn't modify the message in ways likely to make DKIM fail.  Almost no one bothers to do so despite pressures resulting from widespread use of DMARC p=reject.

Operators do not need to justify anything to us.  We are not the internet police.

For our purposes it's enough to know that they do and there's no evidence that it's likely to change.

Scott K

On October 9, 2021 7:39:36 PM UTC, Douglas Foster <dougfoster.emailstandards@gmail.com> wrote:
>I would be pleased to see a document which explains why lists MUST or
>SHOULD alter content.    After more than 2 years following this discussion,
>no reason for this practice has ever been documented.
>
>Content changes would be easier to justify if subscribers granted
>authorization to modify as part of the subscription process.   But there
>was not informed consent when I joined this list, so I doubt that informed
>consent occurs on other lists either.
>
>What if, after reviewing the SHOULD list, an organization says "That's
>interesting but unconvincing.   Please send messages to our domain without
>alteration?"   Are lists equipped to give participants what they want, or
>not?
>
>Doug
>
>On Thu, Oct 7, 2021 at 9:58 AM Barry Leiba <barryleiba@computer.org> wrote:
>
>> Just on one point, for us to consider:
>>
>> > Personally, I think mailing lists changing From has horrible UX and I
>> don't
>> > really think anyone disagrees.  It's only advantages are that it's
>> relatively
>> > easy to implement in a Mailing List Manager (MLM) and it solves the
>> entire
>> > DMARC problem for a specific mailing list without needing anyone else to
>> change
>> > anything.  I understand the appeal.
>>
>> I think Scott is right that we all agree that rewriting From mitigates
>> problems that mailing lists have with DMARC, but at a significant cost
>> in usability.
>>
>> I think it would be bad to publish From-rewriting as a standard.
>>
>> But here:  I think it is reasonable, perhaps advisable, to
>> informationally document From-rewriting as a mechanism that is in use,
>> and to include in that documentation a clear exposition of the
>> problems that it causes.  Why not get those horrible UX issues down on
>> paper so that when someone decides to deploy it they are better
>> informed?  Perhaps we can lead people to take steps to reduce the UX
>> challenges (for example, rewriting the way the IETF is doing it at
>> least addresses the issue of knowing who sent the message, and how to
>> reply to the actual sender, as compared to a rewrite directly to the
>> mailing list address).
>>
>> Doesn't that make sense?
>>
>> Barry
>>
>> _______________________________________________
>> dmarc mailing list
>> dmarc@ietf.org
>> https://www.ietf.org/mailman/listinfo/dmarc
>>

v2.23.0 | Report a Bug | By Email