IETF Logo Mail Archive

Re: [ietf-822] WSJ/gmail/ML, was a permission to... (off-topic)

"John Levine" <johnl@taugh.com> Tue, 06 May 2014 17:13 UTC

Return-Path: <johnl@iecc.com>
X-Original-To: ietf-822@ietfa.amsl.com
Delivered-To: ietf-822@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2782B1A0196 for <ietf-822@ietfa.amsl.com>; Tue, 6 May 2014 10:13:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.357
X-Spam-Level:
X-Spam-Status: No, score=-0.357 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HELO_MISMATCH_COM=0.553, HOST_MISMATCH_NET=0.311, SPF_NEUTRAL=0.779] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id e0tf9fFU4rev for <ietf-822@ietfa.amsl.com>; Tue, 6 May 2014 10:13:05 -0700 (PDT)
Received: from miucha.iecc.com (abusenet-1-pt.tunnel.tserv4.nyc4.ipv6.he.net [IPv6:2001:470:1f06:1126::2]) by ietfa.amsl.com (Postfix) with ESMTP id 2EEA91A018D for <ietf-822@ietf.org>; Tue, 6 May 2014 10:13:05 -0700 (PDT)
Received: (qmail 1702 invoked from network); 6 May 2014 17:13:01 -0000
Received: from miucha.iecc.com (64.57.183.18) by mail1.iecc.com with QMQP; 6 May 2014 17:13:01 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=iecc.com; h=date:message-id:from:to:cc:subject:in-reply-to:mime-version:content-type:content-transfer-encoding; s=6f78.5369181d.k1405; i=johnl@user.iecc.com; bh=9DbinXQBDb/VWFcGMF65d69nnag4hsjCTddim0tOAoI=; b=iflP/VDW6ib8+8NssUAj3CwTqUx4CtMyhlTHrXxajNxYyPgXxLkD+OZ1oCvPEzuSAjZf31vQ5pv2q0+hzWq6wrzM3dk90lb0v4JtUGPUabaN7fxX/9LktZjbwGBhk2DyoHpCXtA8UhCINAI//Rc47jyMJ1ylgSeCUfxNJvIzkRqw8SMhnOsSphPnTg3RP6UJ68Khl3UbvzoYVZol4HjwEe/F0zdz67EfEDTak3Yahl+HvxbClqKFhTSsC1SW9IW5
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=taugh.com; h=date:message-id:from:to:cc:subject:in-reply-to:mime-version:content-type:content-transfer-encoding; s=6f78.5369181d.k1405; olt=johnl@user.iecc.com; bh=9DbinXQBDb/VWFcGMF65d69nnag4hsjCTddim0tOAoI=; b=feJXgmvl0f6lq6qPJhnNTJDElOffB8Ybvn16kDDfnp2dPhA2tGKiVsvV0M/oylg3Koid/mo1i9/g/ID4Om1mT7w0HHTp3FnjIRcoSHUPV4D8sncm0Y52IgbE8xGk/kytikY29USLb38Q+ODT/pzjSKi7puiskI4UW1eFLcD81q0HLef77xRjBUP3YIbIuJsFrZ+EJKZhq7TZv8qPeEMhe7kmjwrPfKi5OkSBYKnQLnXuEuDi/PlN+rDh5LosZFiq
Date: Tue, 06 May 2014 17:12:38 -0000
Message-ID: <20140506171238.28535.qmail@joyce.lan>
From: John Levine <johnl@taugh.com>
To: ietf-822@ietf.org
In-Reply-To: <5368C39E.80808@meetinghouse.net>
Organization:
X-Headerized: yes
Mime-Version: 1.0
Content-type: text/plain; charset="utf-8"
Content-transfer-encoding: 8bit
Archived-At: http://mailarchive.ietf.org/arch/msg/ietf-822/NsEwF83Sp1MPD2JmxA9uuuX4auk
Cc: mfidelman@meetinghouse.net
Subject: Re: [ietf-822] WSJ/gmail/ML, was a permission to... (off-topic)
X-BeenThere: ietf-822@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Discussion of issues related to Internet Message Format \[RFC 822, RFC 2822, RFC 5322\]" <ietf-822.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-822>, <mailto:ietf-822-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf-822/>
List-Post: <mailto:ietf-822@ietf.org>
List-Help: <mailto:ietf-822-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-822>, <mailto:ietf-822-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 06 May 2014 17:13:06 -0000

>It strikes me that the RFC-5322 resent-headers, which don't seem to be 
>used much, might be a good starting point for such standardization - for 
>a start, by getting past the overloading of the From: header that causes 
>so many problems.

Keep in mind that anything a mailing list can do, a spammer who wants
to piggyback on the generally good reputations of mailing lists can
also do.  Anything that says "I'm a mailing list" is only useful with
some sort of external validation that it really is a list.  If you
have to do that anyway, you might as well use the list's DKIM
signature as the key which doesn't involve inventing any new
mechanism.

I think it's also pretty clear that any scheme that depends on the
DKIM signatures of incoming messages transiting mailing list software
won't work, either.

v2.23.0 | Report a Bug | By Email