Re: DMARC from the perspective of the listadmin of a bunch of SMALL community lists
Hector Santos <hsantos@isdg.net> Mon, 14 April 2014 17:29 UTC
Return-Path: <hsantos@isdg.net>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 39D621A06B1 for <ietf@ietfa.amsl.com>; Mon, 14 Apr 2014 10:29:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -98.702
X-Spam-Level:
X-Spam-Status: No, score=-98.702 tagged_above=-999 required=5 tests=[BAYES_50=0.8, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, J_CHICKENPOX_16=0.6, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, USER_IN_WHITELIST=-100] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Bsa1Fqw01Kqu for <ietf@ietfa.amsl.com>; Mon, 14 Apr 2014 10:29:36 -0700 (PDT)
Received: from winserver.com (listserv.winserver.com [208.247.131.9]) by ietfa.amsl.com (Postfix) with ESMTP id 783491A06AF for <ietf@ietf.org>; Mon, 14 Apr 2014 10:29:36 -0700 (PDT)
DKIM-Signature: v=1; d=isdg.net; s=tms1; a=rsa-sha1; c=simple/relaxed; l=5299; t=1397496563; h=Received:Received: Received:Received:Message-ID:Date:From:Organization:To:Subject: List-ID; bh=l8a3d5dz95sdyc6plerz9WZ353Y=; b=EhIxgDhQr2a+kL15VCt5 P957CDl6E39ku4pmiDsvlHSRSsOQsmYF+23yaQo2EepUvpp4poOc1z/mH9zKsTDV AFzrBqQ2Jj5TuJh40K/6ttgDBLk3Pb7nu7rI2U6S1Lb8wMikK9crvtMPggwxbUQ7 jKfV59j8u7UnnCUlMOzmQr0=
Received: by winserver.com (Wildcat! SMTP Router v7.0.454.4) for ietf@ietf.org; Mon, 14 Apr 2014 13:29:23 -0400
Authentication-Results: dkim.winserver.com; dkim=pass header.d=beta.winserver.com header.s=tms1 header.i=beta.winserver.com; adsp=pass policy=all author.d=isdg.net asl.d=beta.winserver.com;
Received: from hector.wildcatblog.com (opensite.winserver.com [208.247.131.23]) by winserver.com (Wildcat! SMTP v7.0.454.4) with ESMTP id 605140795.14763.2756; Mon, 14 Apr 2014 13:29:22 -0400
DKIM-Signature: v=1; d=beta.winserver.com; s=tms1; a=rsa-sha256; c=simple/relaxed; l=5299; t=1397496497; h=Received:Received: Message-ID:Date:From:Organization:To:Subject:List-ID; bh=+fb1Sfb LAcEOC/HgWXuVtj7ZyFCA4YdZEq/ySXohsjo=; b=js2bdXKD7fJiy+Z8ziFZxRC noex2E1NURrxu8+VCdT/V0/JzKHLQvqAJBL99z6gbdDWg1ZBEtBM5qmM2Q/BEHyf 6ThfskDdV5KyC7fPJn+kqWFAisDcocAA7TvtDOf/WTPNF2nMF1d8rw0+2AL6zM99 DXaRZ/UAHNVPXp2rjM60=
Received: by beta.winserver.com (Wildcat! SMTP Router v7.0.454.4) for ietf@ietf.org; Mon, 14 Apr 2014 13:28:17 -0400
Received: from [192.168.1.2] ([99.121.4.27]) by beta.winserver.com (Wildcat! SMTP v7.0.454.4) with ESMTP id 624672859.9.10176; Mon, 14 Apr 2014 13:28:16 -0400
Message-ID: <534C1AEE.3080003@isdg.net>
Date: Mon, 14 Apr 2014 13:29:18 -0400
From: Hector Santos <hsantos@isdg.net>
Organization: Santronics Software, Inc.
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.3.0
MIME-Version: 1.0
To: Miles Fidelman <mfidelman@meetinghouse.net>, ietf@ietf.org
Subject: Re: DMARC from the perspective of the listadmin of a bunch of SMALL community lists
References: <53499A5E.9020805@meetinghouse.net>
In-Reply-To: <53499A5E.9020805@meetinghouse.net>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Archived-At: http://mailarchive.ietf.org/arch/msg/ietf/0XyLhP4SauM0rnGiCc3aBWp8jDU
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 14 Apr 2014 17:29:41 -0000
This DMARC issue has finally hit our support forum today! -------- Original Message -------- Subject: [WINServer] Lists, Yahoo and DMARC Date: Mon, 14 Apr 2014 12:51:38 -0400 From: Kevin M. Agard <lists@agard.org> Reply-To: <WINServer@winserver.com> To: WINServer@winserver.com Is anyone else running the wcListserver seeing bounces on messages to Yahoo, MSN and Comcast due to these provider's DMARC configs?? What I am seeing is that any message originating from a @yahoo.com address is being bounced by these domains with a 554 5.7.9: Message not accepted for policy reasons error messages. Interestingly enough, although Yahoo, MSN and Comcast all bounce these messages, it is only messages from Yahoo that bounce. Messages originating from MSN and Comcast make it through fine. KMA ------------------------------------------ On 4/12/2014 3:56 PM, Miles Fidelman wrote: > Folks, > > We (really I) support perhaps 2 dozen small email lists, for a bunch > of community groups (PTOs, churches, neighborhood groups) - mostly the > legacy of previously running a small hosting firm, and still having > the machines sitting in a data center. The kinds of groups with lots > of non-technical users who have email accounts on Yahoo, hotmail, AOL, > Comcast, and such. The lists range in size from tiny (5 person boards > of directors) to maybe 1000 (high school parents). > > Yahoo's implementation of it's new DMARC policy has been an absolute > disaster. Kind of messes things up when a few days before tax filings > are due, and in parallel with the Heartbleed mess, (not to mention the > work that pays the bills), roughly 1/3 of the addresses on almost all > of the lists start bouncing mail from yahoo addresses - particularly > when yahoo's postmaster didn't have a clue what was going on (my > initial thought was - oh heck, need to get back on their whitelist). > Luckily gmail seems not to be honoring the Yahoo's p=reject policy, at > least so far, or things would be a LOT worse. > > Still trying to figure out a reasonable fix for this, as it looks like > lots of other listmasters are trying to do - and doesn't help that I'm > running a less common list package (sympa). > > Anyway - one of my reactions to this is that something is really > broken about the process by which DMARC and Yahoo's policy have been > foisted on the larger Internet community - and in particular IETF's > role or lack thereof. Specifically: > > - DMARC is an ad-hoc group that assembled with a "common goal was to > develop an operational specification to be introduced to the IETF for > standardization" > (http://dmarc.org/about.html) > > - DMARC.org defines the "DMARC Base Specification" with a link to > https://datatracker.ietf.org/doc/draft-kucherawy-dmarc-base/ - an IETF > document > > - the referenced document is an informational Internet draft, that > expires in October of this year, that starts with "This memo presents > a proposal for a scalable mechanism by which a mail sending > organization can express,. > > - It's also being presented as mature - through such publicity > statements as "DMARC standard now protects almost two-thirds of the > world's 3.3 billion consumer mailboxes worldwide" > (http://dmarc.org/news/press_release_20140218.html) > > In essence, DMARC is being represented as a mature, standards-track > IETF specification - with the implication that it's been widely > vetted, and is marching through the traditional experimental -> > optional -> recommended -> mandatory steps that IETF standards go > through. > > In reality: > - DMARC was developed by a tiny number of people, all of whom work for > very large ISPs > - as far as I can tell, all input from the broader community - notably > mailing list developers and operators was roundly ignored or dismissed > (the transcript is really clear on this) > - while DMARC is at least partially tested, deploying and honoring > "p=reject" messages is brand new, and has wreaked tremendous damage > across the net > - as far as I can tell, those who are behind DMARC are taking the > position "it's not our problem" (see discussions on > dmarc-discuss@dmarc.org and dmarc@ietf.org) - and there is nary a > Yahoo representative to be seen anywhere > > From an operational perspective, this is akin to a large player > publishing a corrupt nameserver database or routing update - and then > actively resting attempts to clean up the mess (which, in effect is > what Yahoo did by updating their DMARC record to p=reject). > > The situation strikes me as incredibly perverse and broken - the more > so that the perpetrators are presenting this as blessed by the IETF > standards process. > > It strikes me that IETF should weigh in on this in a formal fashion - > if only to make it very clear that IETF is not responsible for this > debacle, and perhaps to exert some moral influence on the perpetrators > to back off and help clean up the mess they've created. > > On a broader scope - this sort of points out a really big hole in our > consensus governance process - when one bad actor can inflict damage > across the entire Internet, apparently, with impunity. > > Miles Fidelman > -- HLS
- DMARC from the perspective of the listadmin of a … Miles Fidelman
- Re: DMARC from the perspective of the listadmin o… Dave Crocker
- Re: DMARC from the perspective of the listadmin o… Michael Richardson
- Re: DMARC from the perspective of the listadmin o… Miles Fidelman
- Re: DMARC from the perspective of the listadmin o… Hector Santos
- Re: DMARC from the perspective of the listadmin o… Brian E Carpenter
- Re: DMARC from the perspective of the listadmin o… Theodore Ts'o
- Re: DMARC from the perspective of the listadmin o… Miles Fidelman
- Re: DMARC from the perspective of the listadmin o… Mark Andrews
- Re: DMARC from the perspective of the listadmin o… Hector Santos
- Re: DMARC from the perspective of the listadmin o… Douglas Otis
- Re: DMARC from the perspective of the listadmin o… Dave Crocker
- Re: DMARC from the perspective of the listadmin o… Andrew G. Malis
- Re: DMARC from the perspective of the listadmin o… ned+ietf
- Re: DMARC from the perspective of the listadmin o… Miles Fidelman
- Re: DMARC from the perspective of the listadmin o… Miles Fidelman
- Re: DMARC from the perspective of the listadmin o… John Levine
- Re: DMARC from the perspective of the listadmin o… Brian E Carpenter
- Re: DMARC from the perspective of the listadmin o… Brian E Carpenter
- Re: DMARC from the perspective of the listadmin o… Theodore Ts'o
- Re: DMARC from the perspective of the listadmin o… Miles Fidelman
- Re: DMARC from the perspective of the listadmin o… Miles Fidelman
- Re: DMARC from the perspective of the listadmin o… Miles Fidelman
- Re: DMARC from the perspective of the listadmin o… Dick Franks
- Re: DMARC from the perspective of the listadmin o… Dick Franks
- Re: DMARC from the perspective of the listadmin o… Miles Fidelman
- Re[2]: DMARC and yahoo mohammed serrhini
- Re: DMARC from the perspective of the listadmin o… Hector Santos
- Re: DMARC from the perspective of the listadmin o… Dick Franks
- Re: DMARC from the perspective of the listadmin o… Murray S. Kucherawy
- Re: DMARC from the perspective of the listadmin o… Dave Crocker
- Re: DMARC and yahoo Doug Royer
- Re: DMARC from the perspective of the listadmin o… Miles Fidelman
- Re: DMARC from the perspective of the listadmin o… Murray S. Kucherawy
- Re: DMARC from the perspective of the listadmin o… Warren Kumari
- Re: DMARC from the perspective of the listadmin o… Murray S. Kucherawy
- RE: DMARC from the perspective of the listadmin o… MH Michael Hammer (5304)
- Re: DMARC from the perspective of the listadmin o… Miles Fidelman
- Re: DMARC and yahoo Theodore Ts'o
- Re: DMARC from the perspective of the listadmin o… Dick Franks
- Re: DMARC from the perspective of the listadmin o… Brian E Carpenter
- Re: DMARC from the perspective of the listadmin o… Rolf E. Sonneveld
- Re: DMARC from the perspective of the listadmin o… Dave Crocker
- Re: DMARC from the perspective of the listadmin o… Murray S. Kucherawy
- Re: DMARC from the perspective of the listadmin o… Murray S. Kucherawy
- Re: DMARC from the perspective of the listadmin o… Miles Fidelman
- Re: DMARC from the perspective of the listadmin o… Dave Cridland
- Re: DMARC from the perspective of the listadmin o… Dick Franks
- What I've been wondering about the DMARC problem Brian E Carpenter
- Re: What I've been wondering about the DMARC prob… Doug Barton
- Re: DMARC and yahoo Doug Royer
- Re: What I've been wondering about the DMARC prob… Miles Fidelman
- Re: What I've been wondering about the DMARC prob… Miles Fidelman
- Re: DMARC from the perspective of the listadmin o… Ted Lemon
- Re: What I've been wondering about the DMARC prob… Theodore Ts'o
- Re: DMARC from the perspective of the listadmin o… Scott Kitterman
- Re: DMARC and yahoo Theodore Ts'o
- What I've been wondering about the DMARC problem Abdussalam Baryun
- Re: What I've been wondering about the DMARC prob… Miles Fidelman
- Re: DMARC from the perspective of the listadmin o… Sabahattin Gucukoglu
- Re: What I've been wondering about the DMARC prob… Seth Johnson
- Re: What I've been wondering about the DMARC prob… Seth Johnson
- RE: What I've been wondering about the DMARC prob… l.wood
- Re: DMARC and yahoo Douglas Otis
- Re: What I've been wondering about the DMARC prob… Seth Johnson
- Re: What I've been wondering about the DMARC prob… Dave Crocker
- Re: DMARC from the perspective of the listadmin o… Hector Santos
- Re: What I've been wondering about the DMARC prob… Miles Fidelman
- Re: What I've been wondering about the DMARC prob… Seth Johnson
- Re: What I've been wondering about the DMARC prob… Miles Fidelman
- Re: What I've been wondering about the DMARC prob… Paul Ferguson
- Re: What I've been wondering about the DMARC prob… Miles Fidelman
- Re: What I've been wondering about the DMARC prob… Hector Santos
- Re: What I've been wondering about the DMARC prob… Miles Fidelman
- RE: What I've been wondering about the DMARC prob… MH Michael Hammer (5304)
- Re: What I've been wondering about the DMARC prob… Hector Santos
- RE: What I've been wondering about the DMARC prob… MH Michael Hammer (5304)
- Re: What I've been wondering about the DMARC prob… Brian E Carpenter
- Re: DMARC and yahoo Doug Royer
- Re: DMARC and yahoo Theodore Ts'o
- Re: DMARC and yahoo Michael Richardson
- Re: DMARC and yahoo Theodore Ts'o
- Re: What I've been wondering about the DMARC prob… Sabahattin Gucukoglu
- Re: DMARC and yahoo Stephen Farrell
- Re: DMARC and yahoo Hector Santos
- Re: DMARC and yahoo Randy Bush
- Re: DMARC and yahoo Yoav Nir
- RE: DMARC and yahoo MH Michael Hammer (5304)
- Re: DMARC and yahoo Theodore Ts'o
- RE: DMARC and yahoo MH Michael Hammer (5304)
- Re: What I've been wondering about the DMARC prob… Jim Fenton
- Re: What I've been wondering about the DMARC prob… Brian E Carpenter
- Re: DMARC and yahoo Miles Fidelman
- RE: DMARC and yahoo l.wood
- Re: DMARC from the perspective of the listadmin o… ned+ietf
- Re: DMARC from the perspective of the listadmin o… Douglas Otis
- Re: DMARC from the perspective of the listadmin o… John C Klensin
- Re: What I've been wondering about the DMARC prob… Sabahattin Gucukoglu
- Re: DMARC from the perspective of the listadmin o… ned+ietf
- Re: DMARC from the perspective of the listadmin o… ned+ietf
- Re: What I've been wondering about the DMARC prob… Miles Fidelman
- Re: DMARC from the perspective of the listadmin o… Hector Santos
- Re: What I've been wondering about the DMARC prob… Brian E Carpenter
- Re: What I've been wondering about the DMARC prob… Theodore Ts'o
- Re: What I've been wondering about the DMARC prob… John Levine
- Re: DMARC from the perspective of the listadmin o… Martin Rex
- Re: DMARC from the perspective of the listadmin o… Doug Barton
- Re: DMARC from the perspective of the listadmin o… ned+ietf
- Re: DMARC from the perspective of the listadmin o… Murray S. Kucherawy
- Re: DMARC from the perspective of the listadmin o… John Levine
- Re: What I've been wondering about the DMARC prob… Murray S. Kucherawy
- Re: DMARC from the perspective of the listadmin o… Miles Fidelman
- Re: What I've been wondering about the DMARC prob… Sabahattin Gucukoglu
- Re: What I've been wondering about the DMARC prob… Sabahattin Gucukoglu
- RE: DMARC from the perspective of the listadmin o… MH Michael Hammer (5304)
- Re: DMARC from the perspective of the listadmin o… Miles Fidelman
- RE: DMARC from the perspective of the listadmin o… MH Michael Hammer (5304)
- Re: DMARC from the perspective of the listadmin o… Miles Fidelman
- Re: DMARC from the perspective of the listadmin o… Doug Barton
- Re: DMARC from the perspective of the listadmin o… Theodore Ts'o
- Re: DMARC from the perspective of the listadmin o… Randy Bush
- Re: DMARC from the perspective of the listadmin o… ned+ietf
- Re: DMARC from the perspective of the listadmin o… Miles Fidelman
- Re: DMARC from the perspective of the listadmin o… ned+ietf
- Re: DMARC from the perspective of the listadmin o… John C Klensin
- Re: What I've been wondering about the DMARC prob… ned+ietf
- Re: DMARC from the perspective of the listadmin o… ned+ietf
- Re: DMARC from the perspective of the listadmin o… Hector Santos
- Re: DMARC from the perspective of the listadmin o… John C Klensin
- Re: DMARC from the perspective of the listadmin o… Pete Resnick
- Re: DMARC and yahoo Jeffrey Altman
- Re: DMARC and yahoo John Levine
- Re: DMARC and yahoo Hector Santos
- Re: DMARC and yahoo John C Klensin
- Re: DMARC and yahoo Brian E Carpenter
- One size doesn't fit all [Re: DMARC ....] Brian E Carpenter
- Re: DMARC from the perspective of the listadmin o… Dave Crocker
- Somebody always claims something (was Re: DMARC f… Dave Crocker
- Re: DMARC and yahoo Doug Barton
- Re: DMARC and yahoo Hector Santos
- Re: DMARC and yahoo Theodore Ts'o
- RE: DMARC and yahoo Christian Huitema
- Re: DMARC from the perspective of the listadmin o… ned+ietf
- Re: DMARC from the perspective of the listadmin o… ned+ietf
- Re: DMARC and yahoo Yoav Nir
- Re: DMARC and yahoo John Levine
- Re: DMARC and yahoo Dave Crocker
- Re: What I've been wondering about the DMARC prob… Murray S. Kucherawy
- Re: DMARC and yahoo Doug Royer
- Re: What I've been wondering about the DMARC prob… ned+ietf
- Re: DMARC and yahoo Dave Crocker
- Re: DMARC and yahoo Douglas Otis
- Re: What I've been wondering about the DMARC prob… John Levine
- Re: DMARC and yahoo Brian E Carpenter
- Re: What I've been wondering about the DMARC prob… Murray S. Kucherawy
- Re: DMARC and yahoo Rolf E. Sonneveld
- Re: What I've been wondering about the DMARC prob… ned+ietf
- Re: DMARC and yahoo Douglas Otis
- Re: DMARC from the perspective of the listadmin o… Doug Barton
- Re: DMARC from the perspective of the listadmin o… Martin Rex
- Re: DMARC from the perspective of the listadmin o… Doug Barton
- Re: DMARC from the perspective of the listadmin o… Miles Fidelman
- Re: DMARC from the perspective of the listadmin o… Miles Fidelman
- Re: DMARC from the perspective of the listadmin o… Martin Rex
- Re: DMARC from the perspective of the listadmin o… Scott Kitterman
- Re: DMARC from the perspective of the listadmin o… Douglas Otis
- Re: DMARC from the perspective of the listadmin o… Scott Kitterman
- Re: DMARC from the perspective of the listadmin o… Martin Rex
- Re: DMARC from the perspective of the listadmin o… John R Levine
- Re: DMARC from the perspective of the listadmin o… Ted Lemon
- Re: DMARC from the perspective of the listadmin o… ned+ietf
- Re: DMARC from the perspective of the listadmin o… Dave Crocker
- Re: DMARC from the perspective of the listadmin o… Martin Rex
- Re: DMARC from the perspective of the listadmin o… Douglas Otis
- Re: DMARC from the perspective of the listadmin o… Hector Santos
- The IETF environment (was: Re: DMARC from the per… ned+ietf
- Re: The IETF environment Dave Crocker
- RE: The IETF environment Adrian Farrel
- Re: The IETF environment Miles Fidelman
- Re: The IETF environment Miles Fidelman
- Re: DMARC from the perspective of the listadmin o… Miles Fidelman
- Re: DMARC from the perspective of the listadmin o… Murray S. Kucherawy
- Re: The IETF environment Abdussalam Baryun
- Re: The IETF environment Dale R. Worley
- Re: The IETF environment Brian E Carpenter
- Re: The IETF environment Dave Crocker
- Re: The IETF environment Phillip Hallam-Baker
- Re: DMARC from the perspective of the listadmin o… Hector Santos
- Re: The IETF environment S Moonesamy
- Re: The IETF environment Dave Crocker
- Re: The IETF environment Miles Fidelman
- RE: The IETF environment Christian Huitema
- Re: The IETF environment S Moonesamy
- Re: The IETF environment Miles Fidelman
- Workshop effects [Re: The IETF environment] Brian E Carpenter
- Re: Workshop effects [Re: The IETF environment] Abdussalam Baryun