Re: DMARC and ietf.org

Theodore Ts'o <tytso@mit.edu> Sat, 13 August 2016 15:00 UTC

Return-Path: <tytso@thunk.org>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9639C12D669 for <ietf@ietfa.amsl.com>; Sat, 13 Aug 2016 08:00:10 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.147
X-Spam-Level:
X-Spam-Status: No, score=-3.147 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.001, RP_MATCHES_RCVD=-1.247, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=thunk.org
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 83T3qOZqy-Og for <ietf@ietfa.amsl.com>; Sat, 13 Aug 2016 08:00:08 -0700 (PDT)
Received: from imap.thunk.org (imap.thunk.org [IPv6:2600:3c02::f03c:91ff:fe96:be03]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E70AE12D605 for <ietf@ietf.org>; Sat, 13 Aug 2016 08:00:07 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=thunk.org; s=ef5046eb; h=In-Reply-To:Content-Type:MIME-Version:References:Message-ID:Subject:Cc:To:From:Date; bh=k7TFECHjGxkYfP9zl+/uv84GC19F2L1TeoLjNoT/kKw=; b=eh94fU3GcBakOUCAgyYXGLd394UoG5Dk5pI3A9fFYIxS4dsSU5TGx/4oWkWv5tZjlmMdJGJ2iNitbJI5DVE6+Q9hj/19ef5nMRxolffQMTSHjkpLJ3bjX1a/s+oGbwNCfxDY/JhJtv508TjT0oy+dc3z2Dl8Tv1EuHkjnZJWm4U=;
Received: from root (helo=closure.thunk.org) by imap.thunk.org with local-esmtp (Exim 4.84_2) (envelope-from <tytso@thunk.org>) id 1bYaPt-0005Iw-Au; Sat, 13 Aug 2016 15:00:05 +0000
Received: by closure.thunk.org (Postfix, from userid 15806) id 45A7D82F0D2; Sat, 13 Aug 2016 11:00:04 -0400 (EDT)
Date: Sat, 13 Aug 2016 11:00:04 -0400
From: Theodore Ts'o <tytso@mit.edu>
To: Ted Lemon <mellon@fugue.com>
Subject: Re: DMARC and ietf.org
Message-ID: <20160813150004.GM10626@thunk.org>
References: <c87f5578-be42-5a4e-d979-f4166e2f2ef2@gmail.com> <20160813023957.5679.qmail@ary.lan> <CAPt1N1mO0xxfc3SghV1pcNUjOz9yKk-g=bgU+dWrgy2LWcwhBg@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <CAPt1N1mO0xxfc3SghV1pcNUjOz9yKk-g=bgU+dWrgy2LWcwhBg@mail.gmail.com>
User-Agent: Mutt/1.6.0 (2016-04-01)
X-SA-Exim-Connect-IP: <locally generated>
X-SA-Exim-Mail-From: tytso@thunk.org
X-SA-Exim-Scanned: No (on imap.thunk.org); SAEximRunCond expanded to false
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/0aOZbzLFtvYfiexu77JmXmVhWp0>
Cc: John Levine <johnl@taugh.com>, ietf <ietf@ietf.org>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 13 Aug 2016 15:00:10 -0000

On Sat, Aug 13, 2016 at 08:02:32AM -0400, Ted Lemon wrote:
> There are certain senders from whom all the IETF mail I get is marked by
> gmail as spam and winds up in the spam folder, because they are using
> dmarc.   This hasn't gotten more urgent.   It was urgent when it started.
> The complaint is that nothing has changed since then.   This is a classic
> case of "best is the enemy of good enough."

The real problem is that in the absence of standardization, when the
folks who implemented DMARC went ahead without doing something that
didn't break all use cases, there's no consensus on what is the "good
enough" solution.

Everyone can say that it's someone else's problem to fix.  Some folks
could say that you should just change mail provideres, even though
that would impose lots of pain on you.

Others could say that the mailing list admins should change their
mailing lists, even though that would impose pain on people's procmail
setups.

Others could say it was the fault of companies like Yahoo and Paypal
who didn't use different mail addresses for their official mail versus
mail from their employees who need to participate in various standards
and open source efforts, and so it should be Yahoo and Paypal's
problem to change, even though they would have to deal with the pain.

And worse, it's not obvious that anyone has the moral high ground when
they demand that someone else shoulder the burden and the pain of the
change.

ARC is supposed to be the magic bullet that will fix all of this, but
this assumes someone is going to create ARC implementations for all of
the common mailing list server implementations, and it's not obvious
that this is going to be happening, either.

Given that, it's not all that surprising that there hasn't been much
in the way of movement, since yes, people are feeling pain with the
status quo.  But it's a lot easier to blame the people who made the
change which broke things.....

					- Ted