Re: DMARC from the perspective of the listadmin of a bunch of SMALL community lists

"John Levine" <johnl@taugh.com> Fri, 25 April 2014 01:17 UTC

Return-Path: <johnl@iecc.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EE15F1A01B5 for <ietf@ietfa.amsl.com>; Thu, 24 Apr 2014 18:17:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 2.142
X-Spam-Level: **
X-Spam-Status: No, score=2.142 tagged_above=-999 required=5 tests=[BAYES_40=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HELO_MISMATCH_COM=0.553, HOST_MISMATCH_NET=0.311, J_CHICKENPOX_16=0.6, SPF_NEUTRAL=0.779] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6CKJ4z4C3oer for <ietf@ietfa.amsl.com>; Thu, 24 Apr 2014 18:17:45 -0700 (PDT)
Received: from miucha.iecc.com (abusenet-1-pt.tunnel.tserv4.nyc4.ipv6.he.net [IPv6:2001:470:1f06:1126::2]) by ietfa.amsl.com (Postfix) with ESMTP id 5432C1A0197 for <ietf@ietf.org>; Thu, 24 Apr 2014 18:17:44 -0700 (PDT)
Received: (qmail 66099 invoked from network); 25 Apr 2014 01:17:38 -0000
Received: from miucha.iecc.com (64.57.183.18) by mail1.iecc.com with QMQP; 25 Apr 2014 01:17:38 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=iecc.com; h=date:message-id:from:to:cc:subject:in-reply-to:mime-version:content-type:content-transfer-encoding; s=11325.5359b7b2.k1404; i=johnl@user.iecc.com; bh=ArQ0VzyS6O5M+EkD/i3ktlFp2XM6veh97NzdcXsPUR4=; b=QWquCxHib8tgc1rF4JDZNsrR5SHGx5k2IVkp3WfbgGX0FgyIH4OLXqyAQUMtoaXePP775Wy1f5aZRtBqw53t1jyQ+jKPgxDhWMV+lJzO7lgmad57P05o1j4qPIbro2w+s40PsTO48QI6s/Yxq6mWXFQSFSLzB7d00XVCtB8D2HgGIu9JdC/yKhpP5r5+UvCoIgss960310WLlRTjHmMHthQk2H8t8zwFDonDP+fUfw9JD2457O9zkatVcYxkBfVg
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=taugh.com; h=date:message-id:from:to:cc:subject:in-reply-to:mime-version:content-type:content-transfer-encoding; s=11325.5359b7b2.k1404; olt=johnl@user.iecc.com; bh=ArQ0VzyS6O5M+EkD/i3ktlFp2XM6veh97NzdcXsPUR4=; b=YxxcKzn3K50fwvteaudX0TfnGkNZFvSCFZ21mbY6ybldoGxATlxvVWv5zHLigaf5OArvzzBEs0hHapffMbgmMECnBq10G/AcjfNk/K1c4Xsl9kEVhwGu+ofWJ9/a+EOD9GLPtcLAHDUczlLkZNwBW3st5Wyy7XcpljLXCQdlJg5eAaujUcU7Bc3MQUEVvqCxgABNNyoPg3PDQarXRI00SdbyGVAJOEV8UHCatBnVmglQndYdrwgOe5hN1ZHljxQk
Date: 25 Apr 2014 01:17:16 -0000
Message-ID: <20140425011716.70436.qmail@joyce.lan>
From: "John Levine" <johnl@taugh.com>
To: ietf@ietf.org
Subject: Re: DMARC from the perspective of the listadmin of a bunch of SMALL community lists
In-Reply-To: <20140425002622.E6DFA1ACE0@ld9781.wdf.sap.corp>
Organization:
X-Headerized: yes
Mime-Version: 1.0
Content-type: text/plain; charset=utf-8
Content-transfer-encoding: 8bit
Archived-At: http://mailarchive.ietf.org/arch/msg/ietf/2WFmawQVR25cDCK7xa9DN-8gkNo
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 25 Apr 2014 01:17:47 -0000

>> Can you provide a legal citation?  That would be really cool!
>
>1. Blocking EMail based on DMARC policy is illegal per §206 Abs. 2 Nr. 2 StGB.
>
>2. Actually, even looking at rfc5322.From (rather than MAIL FROM:) for
>   the purpose of looking up DMARC policy records 
>   is illegal per §206 Abs. 2 Nr. 1 StGB.
>
>3. Any DMARC-triggered reporting about forwarded emails is also illegal
>   per §206 Abs. 1 StGB and §88 TKG.

If that's true, how can spam filtering be legal?  The phrase "without
authorization" is pretty elastic, and all the ISPs I know consider themselves
authorized to mange user mail any way they want.


>The DMARC policy scheme is actually censoring of a telecommunication 
>between a messge sender and a message receiver through a telecommunications
>provider by some _outside_ third party.  So in the US a p=reject DMARC policy
>might potentially be freedom of speech (1st Amendment) violation.

Uh, no.  The First Amendment does not affect private entities, and
case law (White Buffalo vs. Texas) says that government entities have
broad discretion to do network management when acting as ISPs.

R's,
John