Re: What I've been wondering about the DMARC problem

Sabahattin Gucukoglu <listsebby@me.com> Fri, 18 April 2014 16:12 UTC

Return-Path: <listsebby@me.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CCE011A03C9 for <ietf@ietfa.amsl.com>; Fri, 18 Apr 2014 09:12:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.201
X-Spam-Level:
X-Spam-Status: No, score=-4.201 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Fyfx1WHrZ58N for <ietf@ietfa.amsl.com>; Fri, 18 Apr 2014 09:12:39 -0700 (PDT)
Received: from st11p02mm-asmtp002.mac.com (st11p02mm-asmtp002.mac.com [17.172.220.237]) by ietfa.amsl.com (Postfix) with ESMTP id 124941A0228 for <ietf@ietf.org>; Fri, 18 Apr 2014 09:12:38 -0700 (PDT)
MIME-version: 1.0
Content-transfer-encoding: 7BIT
Content-type: text/plain; CHARSET=US-ASCII
Received: from [192.168.1.6] (natbox.sabahattin-gucukoglu.com [213.123.192.30]) by st11p02mm-asmtp002.mac.com (Oracle Communications Messaging Server 7u4-27.08(7.0.4.27.7) 64bit (built Aug 22 2013)) with ESMTPSA id <0N4800JJBICNI350@st11p02mm-asmtp002.mac.com> for ietf@ietf.org; Fri, 18 Apr 2014 16:12:25 +0000 (GMT)
Subject: Re: What I've been wondering about the DMARC problem
From: Sabahattin Gucukoglu <listsebby@me.com>
In-reply-to: <5350344B.1000400@gmail.com>
Date: Fri, 18 Apr 2014 17:12:22 +0100
Message-id: <B433F153-C2E7-499C-9A9A-3C3D3783B2D6@me.com>
References: <53499A5E.9020805@meetinghouse.net> <5349A261.9040500@dcrocker.net> <5349AE35.2000908@meetinghouse.net> <5349BCDA.7080701@gmail.com> <01P6L9JZF5SC00004W@mauve.mrochek.com> <CAKW6Ri5f5KZyJeL7RTG2T000Qd+t61KCofNmG2JZv+nKi94Uug@mail.gmail.com> <534C0078.3070808@meetinghouse.net> <CAKW6Ri6OUmxGaBOGR2hoWpDOGWsVQ9tQ2Q9ogkT5wzFhFJLBbQ@mail.gmail.com> <534C2262.1070507@meetinghouse.net> <CAL0qLwb5p_V3i-NGhKJZBeO0qKHm1xiAq1E3nYkBzVUAXkRPpQ@mail.gmail.com> <CAKW6Ri5HWMaGMa_oLKwq5fzSUzJG=jAL1qojY1i6_tibEAxq8w@mail.gmail.com> <CAL0qLwaik1ft+AcACoc+kvKtCRt_gGvM6ov7c2yj_Uwyy3drNw@mail.gmail.com> <CAKW6Ri5_=GyOQijZMM+mqAoaEQzePGysBy9WVjN9yHO1zf3d2w@mail.gmail.com> <534C8F2B.9060903@gmail.com> <534D5516.7060902@dcrocker.net> <534D98CC.9080400@gmail.com> <2478F2D1-2E08-45D7-86A2-36443959E272@me.com> <534EE9EA.9060403@gmail.com> <09B6AA22-9D1D-4EE4-AB27-2506A1E08EDA@me.com> <5350344B.1000400@gmail.com>
To: Brian E Carpenter <brian.e.carpenter@gmail.com>
X-Mailer: Apple Mail (2.1510)
X-MANTSH: 1TEIXWV4bG1oaGkdHB0lGUkdDRl5PWBoaGxEKTEMXGx0EGx0YBBIZBBsdEBseGh8 aEQpYTRdLEQptfhcaEQpMWRcbGhsbEQpZSRcRClleF2hjeREKQ04XSxsYGmJCH2lpHFxgGXhzB xljGxwbGHpjEQpYXBcZBBoEHQdNSx0SSEkcTAUbHQQbHRgEEhkEGx0QGx4aHxsRCl5ZF2FCXGV vEQpMRhdia2sRCkNaFxgbGQQbGBkEGxMYBBkaEQpEWBcZEQpESRcYEQpCRRdmUH1dH21kGgVIY xEKQk4XbHBgeUAdYlJpGmIRCkJMF2dJH215aRh+ckJNEQpCbBdlaGUYbU0cGENGThEKQkAXZxx nXkJkY1Ibc2QRCnBoF2hmYklyRWNbf1xCEQpwaBdlGUdLYVB8ZEZGThEKcGgXYHtaUHAbQllZa 0YRCnBoF21fT2llQnwZc2xaEQpwaBdsGGVSZGxhGkN7XREKcGwXa2ZOa0FlX2ZTZwERCnBMF2c aU2xAa0BtH0NaEQ==
X-CLX-Spam: false
X-CLX-Score: 1011
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:5.11.96, 1.0.14, 0.0.0000 definitions=2014-04-18_01:2014-04-18, 2014-04-18, 1970-01-01 signatures=0
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 spamscore=0 suspectscore=0 phishscore=0 adultscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=7.0.1-1402240000 definitions=main-1404180279
Archived-At: http://mailarchive.ietf.org/arch/msg/ietf/73NgN8vZSFKr6nQRTSZFXYBh2yM
Cc: Jim Fenton <fenton@bluepopcorn.net>, IETF discussion list <ietf@ietf.org>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 18 Apr 2014 16:12:41 -0000

On 17 Apr 2014, at 21:06, Brian E Carpenter <brian.e.carpenter@gmail.com> wrote:
> On 17/04/2014 22:03, Sabahattin Gucukoglu wrote:
>> On 16 Apr 2014, at 21:36, Brian E Carpenter <brian.e.carpenter@gmail.com> wrote:
>>> On 16/04/2014 18:58, Sabahattin Gucukoglu wrote:
>>>> On 15 Apr 2014, at 21:38, Brian E Carpenter <brian.e.carpenter@gmail.com> wrote:
>>>>> The mailman fix is worse than the disease. I think the .INVALID fix is
>>>>> much better, because Reply-all will still work.
>>>> Reply-all should still work with the Mailman fix; 
>>> It doesn't work *properly*. Firstly, this message wouldn't be sent
>>> to you with CC to the list, which is the correct semantic.
>>> If you weren't a subscriber, you would never see it. Secondly,
>> 
>> Sorry, but I appear to be confused.
>> 
>> The Reply-To: field is adjusted to be the author's address, 
> 
> Oh, OK. Most UAs will probably do what you describe, but I think
> there are exceptions. However, if I want to reply to the author
> alone, it's now the simple Reply that will fail me, because it
> will reply to the list. And in my mail folders, messages will
> all appear to come from the list; if I want to find the message
> that Sabahattin sent me two years ago, I can't, because my UA
> doesn't allow for searching on the Reply-To field.
> 
> It's still got very poor semantics.

Precisely right, and especially +1 to the concluding paragraph.

Is now the time to discuss making it policy for mail receivers to supply user-modifiable signer-domain bypasses?  Or is "Whitelisting" still considered a dirty word and "Not scalable"? :)

Cheers,
Sabahattin