IETF Logo Mail Archive

Re: [dmarc-ietf] list history, Signaling MLMs

John R Levine <johnl@taugh.com> Sat, 15 April 2023 20:17 UTC

Return-Path: <johnl@taugh.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C9335C14F747 for <dmarc@ietfa.amsl.com>; Sat, 15 Apr 2023 13:17:51 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.398
X-Spam-Level:
X-Spam-Status: No, score=-4.398 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=iecc.com header.b="F/09QIuP"; dkim=pass (2048-bit key) header.d=taugh.com header.b="gP7XcdMc"
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4GMUbufpHrNT for <dmarc@ietfa.amsl.com>; Sat, 15 Apr 2023 13:17:47 -0700 (PDT)
Received: from gal.iecc.com (gal.iecc.com [IPv6:2001:470:1f07:1126:0:43:6f73:7461]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id F0F94C14CEF9 for <dmarc@ietf.org>; Sat, 15 Apr 2023 13:17:46 -0700 (PDT)
Received: (qmail 83703 invoked from network); 15 Apr 2023 20:17:44 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed; d=iecc.com; h=date:message-id:from:to:subject:in-reply-to:references:mime-version:content-type; s=146f4.643b0668.k2304; bh=dSx7yUIGbEl4/jBjWQAJEQ9tmiB5L6wZtONhbOVTcng=; b=F/09QIuPl/XKNKGGXSur8vByqVwbGfU2tcXDP2/JY3DCY8GUchxzuLXgJ3SPQ+8RdcOMvv2nJ5n7u4djpbBiEpH+reBoVl8JYK+B7GUa6B4mNLCG3k52VYqEjXPsggPQCd8o5fS+66pUlhWdNoaTHJPlPrtMFKfHQh5ZXuvhwVDcfCFwbLkWxOBg4UcODTJ7apJ9QbjXrnJcd6/4IQO5ZXfTP3eBdIC5jCwDQ7wHdaP061sVe38UFMWWExpuPWr2d06oGciFwfuGByYDVKb6cwJEZ8YynshJaClFnXCgagWBetNR2CMmIdAFS4P+orqlN4W21ciXOl6b3gRTyX2Maw==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed; d=taugh.com; h=date:message-id:from:to:subject:in-reply-to:references:mime-version:content-type; s=146f4.643b0668.k2304; bh=dSx7yUIGbEl4/jBjWQAJEQ9tmiB5L6wZtONhbOVTcng=; b=gP7XcdMcXSZYxkNH93IElofNrSJ7GyH/iWBDyCh/dkwvXob66+Y0V0JiK1baD0SOG6pOLqhs1msMZAEw0dHINe6rl1K6htbaqmsIbE1/1TtPDaky4v2hqTH2+CpQUtULrz3qtBeTzlR+o1ZOV/r5Yd4/E/cJ6JQeEpuKx7JofJK3eUfo8T9O9mtKb8VBjQSTCz6BiTbjsE66y7J0sMoDGtuAx4cRYujoXsuBlG690uGGw1lwQ9G1lL1+FEM/caeFBsS72+k4qLvOsq+F305+HujA7EI36Ivsy/yzJCydJl7BlN0US2Eh3IWScNcSOJ1clo+ncvwt3rCfrj2HiFWYMw==
Received: from ary.qy ([IPv6:2001:470:1f07:1126::78:696d:6170]) by imap.iecc.com ([IPv6:2001:470:1f07:1126::78:696d:6170]) with ESMTPS (TLS1.3 ECDHE-RSA AES-256-GCM AEAD) via TCP6; 15 Apr 2023 20:17:43 -0000
Received: by ary.qy (Postfix, from userid 501) id A389DBF2DD5F; Sat, 15 Apr 2023 16:17:41 -0400 (EDT)
Received: from localhost (localhost [127.0.0.1]) by ary.qy (Postfix) with ESMTP id E235DBF2DD41; Sat, 15 Apr 2023 16:17:41 -0400 (EDT)
Date: Sat, 15 Apr 2023 16:17:41 -0400
Message-ID: <04cffebc-169d-dfea-e2c6-055406a74b1a@taugh.com>
From: John R Levine <johnl@taugh.com>
To: Jesse Thompson <zjt@fastmail.com>, dmarc@ietf.org
X-X-Sender: johnl@ary.qy
In-Reply-To: <b8269f1d-6b43-4be7-b6d7-edcf79c3118f@app.fastmail.com>
References: <20230415170715.10F26BF2C124@ary.qy> <b8269f1d-6b43-4be7-b6d7-edcf79c3118f@app.fastmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/ydujA8eNC50U7aP3C4KAtRI2XXI>
Subject: Re: [dmarc-ietf] list history, Signaling MLMs
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 15 Apr 2023 20:17:51 -0000

> I'm assuming that the "long list of stinky possible workarounds" are the 
> existing "whatever" mitigations, and rewriting seems to be acceptable 
> enough as a mitigation to convince large [enterprise] mail systems to 
> move forward with restrictive policies. ...

I think you are greatly overestimating the connection between cause and 
effect here.  The people setting the policies have no idea what effect 
they have on their users, and to the degree they do, they do not care. 
IETFers at large organizations who support their IETF work, and that have 
p=reject, tell me they've told the IT departments that the policy is 
making it hard for them to get their work done and the response is either 
"duh?" or "not our problem."

> I intentionally published > "p=quarantine pct=0" specifically to find 
> the MLMs that implemented no mitigations, weighed that against what I 
> knew about which receivers enforced non-mitigated mail, and then made a 
> judgment call to move forward.

It sure would be nice if people at other organizations were as concerned 
about the quality of mail service to their users.  But noooooo.

> I believe Wei suggested that we need to find a better "whatever" (in the 
> form of an alternative to SPF and DKIM that works with mailing lists) ...

I would like a pony, too.  But ARC is as good as we have now and after a 
decade of beating our heads against the wall, I don't think we're going to 
find anything better.  I've suggested a bunch of things that would make 
lists' life better, and nobody is interested:

https://datatracker.ietf.org/doc/draft-levine-may-forward/

https://datatracker.ietf.org/doc/draft-levine-dkim-conditional/

Regards,
John Levine, johnl@taugh.com, Taughannock Networks, Trumansburg NY
Please consider the environment before reading this e-mail. https://jl.ly

v2.23.0 | Report a Bug | By Email