Re: (DMARC) Why mailing lists are only sort of special
tytso@mit.edu Wed, 16 April 2014 23:32 UTC
Return-Path: <tytso@thunk.org>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2378E1A040F for <ietf@ietfa.amsl.com>; Wed, 16 Apr 2014 16:32:09 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.974
X-Spam-Level:
X-Spam-Status: No, score=-0.974 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, J_CHICKENPOX_14=0.6, J_CHICKENPOX_16=0.6, RP_MATCHES_RCVD=-0.272, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id i-l0-_XtnCPO for <ietf@ietfa.amsl.com>; Wed, 16 Apr 2014 16:32:08 -0700 (PDT)
Received: from thunk.org (dfwtest.thunk.org [IPv6:2600:3c00::f03c:91ff:fe69:c5da]) by ietfa.amsl.com (Postfix) with ESMTP id 6F5AA1A0410 for <ietf@ietf.org>; Wed, 16 Apr 2014 16:32:08 -0700 (PDT)
Received: from tytso by thunk.org with local (Exim 4.80) (envelope-from <tytso@thunk.org>) id 1WaZSr-0004qJ-GS; Wed, 16 Apr 2014 23:42:01 +0000
Date: Wed, 16 Apr 2014 23:42:01 +0000
From: tytso@mit.edu
To: Miles Fidelman <mfidelman@meetinghouse.net>
Subject: Re: (DMARC) Why mailing lists are only sort of special
Message-ID: <20140416234201.GA18480@thunk.org>
References: <CE39F90A45FF0C49A1EA229FC9899B0507D460CB@USCLES544.agna.amgreetings.com> <alpine.BSF.2.00.1404142150430.32657@joyce.lan> <CAL0qLwbPMm_i0fqNSGQPv=xZaiNASy=icsRNudaNJ_3PNtX3Og@mail.gmail.com> <alpine.BSF.2.00.1404151832460.38826@joyce.lan> <CAL0qLwZUptJVw85T2FjB2HRGoOvcOUHKiQXeadM0QE9BsFVM9w@mail.gmail.com> <CAKHUCzxpwS+nR9wRGOzU_83f7XabMr0pwB5x-MHrqM-28r80kw@mail.gmail.com> <CAKHUCzzw9mufrTCOBQOkRrZU6wOM21X8Y=FUEKf=qnzS9VESjA@mail.gmail.com> <alpine.BSF.2.00.1404161654430.2065@joyce.lan> <CAL0qLwYT_y5ksCP5DpHGXEK084zVg=6HfpJ2B2khkK7jDByZmQ@mail.gmail.com> <534F0F4A.9010901@meetinghouse.net>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <534F0F4A.9010901@meetinghouse.net>
User-Agent: Mutt/1.5.21 (2010-09-15)
X-SA-Exim-Connect-IP: <locally generated>
X-SA-Exim-Mail-From: tytso@thunk.org
X-SA-Exim-Scanned: No (on thunk.org); SAEximRunCond expanded to false
Archived-At: http://mailarchive.ietf.org/arch/msg/ietf/92ZVFGKPmkv4Rf9sLAUT4XKnT3Q
Cc: "ietf@ietf.org" <ietf@ietf.org>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 16 Apr 2014 23:32:09 -0000
On Wed, Apr 16, 2014 at 07:16:26PM -0400, Miles Fidelman wrote: > Well... yahoo, aol, and others DO keep whitelists now - and various > mechanisms for getting on them. Yahoo doesn't, however, seem to > apply their whitelisting methods to their own mail that's passed > through DMARC. Hmmm..... All of the major mail providers are almost certainly using some kind of machine-learning that takes multiple things into account, including SPF and DKIM results, message body filtering, etc. The problem is that this only helps people who are receiving mail at yahoo.com or gmail.com, etc. The problem that Yahoo seems to be fixated on, at least with respect to their desire to enable DMARC p=reject, is that they don't trust that *other* people will have good enough spam detection schemes such that they can detect messages sent to other mail destinations (for example, such as alice@hotmail.com) where the recipient claims to be bob@yahoo.com. So the problem is not yahoo maintaining a set of whitelists, it's everybody *else* needing to have a good enough machine learning algorithms so they can detect bad e-mail. If everyone did, then you wouldn't need any DMARC policy other than p=none. They could all look at the SPF and DKIM, the message body, their ML algorithms that have led them to conclude that ietf@ietf.org is a valid email list, and not a spammer trying to look like a mailing list, and make the appropriate ham vs spam determination. In some sense the DMARC p=reject is basically Yahoo saying, "I don't trust your spam algorithms, so please use a really bone-headed algorithm which rejects any message claiming to be from username@yahoo.com if the sender and the from field don't match." Regards, - Ted
- Re: DMARC: perspectives from a listadmin of large… John R Levine
- Re: DMARC: perspectives from a listadmin of large… Sabahattin Gucukoglu
- Re: DMARC: perspectives from a listadmin of large… Scott Kitterman
- Re: DMARC: perspectives from a listadmin of large… Brian E Carpenter
- Re: DMARC: perspectives from a listadmin of large… John R Levine
- Re: DMARC: perspectives from a listadmin of large… Sabahattin Gucukoglu
- Re: DMARC: perspectives from a listadmin of large… Dave Crocker
- DMARC: perspectives from a listadmin of large ope… Robin H. Johnson
- Re: DMARC: perspectives from a listadmin of large… Robin H. Johnson
- Re: DMARC: perspectives from a listadmin of large… Robin H. Johnson
- Re: DMARC: perspectives from a listadmin of large… ned+ietf
- Re: DMARC: perspectives from a listadmin of large… S Moonesamy
- Re: DMARC: perspectives from a listadmin of large… John R Levine
- RE: DMARC: perspectives from a listadmin of large… Alex Ojeda
- Re: DMARC: perspectives from a listadmin of large… Hector Santos
- Re: DMARC: perspectives from a listadmin of large… Hector Santos
- Re: DMARC: perspectives from a listadmin of large… S Moonesamy
- Re: DMARC: perspectives from a listadmin of large… S Moonesamy
- Re: DMARC: perspectives from a listadmin of large… John Levine
- Re: DMARC: perspectives from a listadmin of large… Alessandro Vesely
- Re: DMARC: perspectives from a listadmin of large… Hector Santos
- Re: DMARC: perspectives from a listadmin of large… Hector Santos
- Re: DMARC: perspectives from a listadmin of large… Miles Fidelman
- Re: DMARC: perspectives from a listadmin of large… Doug Barton
- Re: DMARC: perspectives from a listadmin of large… John Levine
- Re: DMARC: perspectives from a listadmin of large… Doug Barton
- Re: DMARC: perspectives from a listadmin of large… ned+ietf
- Re: DMARC: perspectives from a listadmin of large… Dave Crocker
- Re: DMARC: perspectives from a listadmin of large… John R Levine
- Re: DMARC: perspectives from a listadmin of large… John C Klensin
- Re: DMARC: perspectives from a listadmin of large… John R Levine
- Re: DMARC: perspectives from a listadmin of large… Sabahattin Gucukoglu
- Re: DMARC: perspectives from a listadmin of large… John C Klensin
- Re: DMARC: perspectives from a listadmin of large… Miles Fidelman
- Re: DMARC: perspectives from a listadmin of large… Doug Barton
- Re: DMARC: perspectives from a listadmin of large… John C Klensin
- Re: DMARC: perspectives from a listadmin of large… S Moonesamy
- RE: DMARC: perspectives from a listadmin of large… l.wood
- Re: DMARC: perspectives from a listadmin of large… Dave Crocker
- Re: DMARC: perspectives from a listadmin of large… John C Klensin
- Re: DMARC: perspectives from a listadmin of large… Miles Fidelman
- Re: DMARC: perspectives from a listadmin of large… Miles Fidelman
- Re: DMARC: perspectives from a listadmin of large… Miles Fidelman
- RE: DMARC: perspectives from a listadmin of large… MH Michael Hammer (5304)
- Re: DMARC: perspectives from a listadmin of large… Murray S. Kucherawy
- Re: DMARC: perspectives from a listadmin of large… Murray S. Kucherawy
- Re: DMARC: perspectives from a listadmin of large… Murray S. Kucherawy
- Re: DMARC: perspectives from a listadmin of large… Miles Fidelman
- Re: DMARC: perspectives from a listadmin of large… Miles Fidelman
- Re: DMARC: perspectives from a listadmin of large… Miles Fidelman
- Re: DMARC: perspectives from a listadmin of large… Murray S. Kucherawy
- Re: DMARC: perspectives from a listadmin of large… S Moonesamy
- Mailman 2.1.16 [DMARC: perspectives from a listad… Brian E Carpenter
- Re: Mailman 2.1.16 [DMARC: perspectives from a li… Theodore Ts'o
- Re: DMARC: perspectives from a listadmin of large… Miles Fidelman
- Re: DMARC: perspectives from a listadmin of large… Dave Cridland
- Re: DMARC: perspectives from a listadmin of large… Miles Fidelman
- Re: DMARC: perspectives from a listadmin of large… Murray S. Kucherawy
- Re: protecting the Internet from DMARC damage, wa… John Levine
- Re: Mailman 2.1.16 [DMARC: perspectives from a li… John Levine
- Re: DMARC: perspectives from a listadmin of large… Dave Cridland
- Re: Mailman 2.1.16 [DMARC: perspectives from a li… John Levine
- RE: DMARC: perspectives from a listadmin of large… MH Michael Hammer (5304)
- Re: DMARC: perspectives from a listadmin of large… Doug Barton
- Re: DMARC: perspectives from a listadmin of large… Doug Barton
- Re: DMARC: perspectives from a listadmin of large… Dave Crocker
- Re: DMARC: perspectives from a listadmin of large… Murray S. Kucherawy
- RE: DMARC: perspectives from a listadmin of large… S Moonesamy
- Re: DMARC: perspectives from a listadmin of large… Douglas Otis
- Re: DMARC: perspectives from a listadmin of large… Miles Fidelman
- Re: DMARC: perspectives from a listadmin of large… John Levine
- RE: protecting the Internet from DMARC damage, wa… MH Michael Hammer (5304)
- Re: Mailman 2.1.16 [DMARC: perspectives from a li… Brian E Carpenter
- RE: protecting the Internet from DMARC damage, wa… John R Levine
- Re: DMARC: perspectives from a listadmin of large… Doug Barton
- Re: DMARC: perspectives from a listadmin of large… Scott Kitterman
- Re: DMARC: perspectives from a listadmin of large… Scott Kitterman
- Re: protecting the Internet from DMARC damage, wa… Murray S. Kucherawy
- Re: DMARC: perspectives from a listadmin of large… Dave Cridland
- Re: DMARC: perspectives from a listadmin of large… Alessandro Vesely
- Re: Mailman 2.1.16 [DMARC: perspectives from a li… Michael Richardson
- Re: DMARC: perspectives from a listadmin of large… ned+ietf
- Re: Mailman 2.1.16 [DMARC: perspectives from a li… Theodore Ts'o
- Re: Mailman 2.1.16 [DMARC: perspectives from a li… John R Levine
- Re: DMARC: perspectives from a listadmin of large… Dave Crocker
- Re: Mailman 2.1.16 [DMARC: perspectives from a li… Michael Richardson
- Re: DMARC: perspectives from a listadmin of large… S Moonesamy
- Re: Mailman 2.1.16 [DMARC: perspectives from a li… Theodore Ts'o
- Re: DMARC: perspectives from a listadmin of large… S Moonesamy
- Re: DMARC: perspectives from a listadmin of large… Pete Resnick
- Re: Mailman 2.1.16 [DMARC: perspectives from a li… Brian E Carpenter
- RE: DMARC: perspectives from a listadmin of large… MH Michael Hammer (5304)
- Re: DMARC: perspectives from a listadmin of large… Hector Santos
- Re: DMARC: perspectives from a listadmin of large… Hector Santos
- Re: DMARC: perspectives from a listadmin of large… Brian E Carpenter
- Re: DMARC: perspectives from a listadmin of large… Theodore Ts'o
- Re: DMARC: perspectives from a listadmin of large… Sabahattin Gucukoglu
- Re: DMARC: perspectives from a listadmin of large… Scott Kitterman
- Re: DMARC: perspectives from a listadmin of large… Theodore Ts'o
- Let's talk (was: DMARC: perspectives from a lista… S Moonesamy
- (DMARC) Why mailing lists are only sort of special John R Levine
- RE: Let's talk (was: DMARC: perspectives from a l… MH Michael Hammer (5304)
- Re: DMARC: perspectives from a listadmin of large… Miles Fidelman
- Re: DMARC: perspectives from a listadmin of large… John R. Levine
- Re: DMARC: perspectives from a listadmin of large… Pete Resnick
- Re: DMARC: perspectives from a listadmin of large… Miles Fidelman
- Re: DMARC: perspectives from a listadmin of large… Michael Richardson
- Re: DMARC: perspectives from a listadmin of large… John Levine
- RE: Let's talk (was: DMARC: perspectives from a l… S Moonesamy
- Re: Let's talk (was: DMARC: perspectives from a l… Dave Cridland
- Re: (DMARC) Why mailing lists are only sort of sp… Murray S. Kucherawy
- Re: (DMARC) Why mailing lists are only sort of sp… Dave Cridland
- Re: (DMARC) Why mailing lists are only sort of sp… Dave Cridland
- RE: Let's talk (was: DMARC: perspectives from a l… MH Michael Hammer (5304)
- Re: (DMARC) Why mailing lists are only sort of sp… John R Levine
- Re: (DMARC) Why mailing lists are only sort of sp… Murray S. Kucherawy
- Re: (DMARC) Why mailing lists are only sort of sp… Murray S. Kucherawy
- Re: (DMARC) Why mailing lists are only sort of sp… Miles Fidelman
- Re: (DMARC) Why mailing lists are only sort of sp… Pete Resnick
- Re: (DMARC) Why mailing lists are only sort of sp… tytso
- Re: DMARC: perspectives from a listadmin of large… Miles Fidelman
- Re: (DMARC) Why mailing lists are only sort of sp… Mark Andrews
- Re: (DMARC) We've been here before, was Why maili… John R Levine
- Re: (DMARC) How a whitelist would work, was Why m… John R Levine
- Re: (DMARC) We've been here before, was Why maili… Pete Resnick
- Re: (DMARC) Why mailing lists are only sort of sp… Dave Cridland
- Re: (DMARC) Why mailing lists are only sort of sp… Yoav Nir
- Re: (DMARC) We've been here before, was Why maili… John R Levine
- Re: (DMARC) Why mailing lists are only sort of sp… Martin Rex
- Re: (DMARC) Why mailing lists are only sort of sp… Yoav Nir
- Re: (DMARC) Why mailing lists are only sort of sp… Dave Cridland
- RE: (DMARC) Why mailing lists are only sort of sp… MH Michael Hammer (5304)
- Re: (DMARC) We've been here before, was Why maili… Pete Resnick
- Re: (DMARC) Why mailing lists are only sort of sp… Miles Fidelman
- Re: (DMARC) We've been here before, was Why maili… ned+ietf
- Re: (DMARC) We've been here before, was Why maili… Miles Fidelman
- Re: (DMARC) We've been here before, was Why maili… Martin Rex
- Re: (DMARC) We've been here before, was Why maili… ned+ietf
- Re: (DMARC) We've been here before, was Why maili… Douglas Otis
- Re: (DMARC) We've been here before, was Why maili… Martin Rex
- Re: (DMARC) We've been here before, was Why maili… John Levine
- Re: (DMARC) We've been here before, was Why maili… Murray S. Kucherawy
- Re: (DMARC) We've been here before, was Why maili… John Levine
- Re: (DMARC) We've been here before, was Why maili… Martin Rex
- Re: (DMARC) We've been here before, was Why maili… John Levine
- Re: (DMARC) We've been here before, was Why maili… Michael Richardson
- Re: (DMARC) How a whitelist would work, was Why m… Michael Richardson
- Re: (DMARC) Why mailing lists are only sort of sp… Michael Richardson
- Re: (DMARC) How a whitelist would work, was Why m… John R Levine
- Re: (DMARC) How a whitelist would work, was Why m… Miles Fidelman
- Re: (DMARC) Why mailing lists are only sort of sp… John Levine
- Re: (DMARC) We've been here before, was Why maili… John Levine
- Re: (DMARC) How a whitelist would work, was Why m… Yoav Nir
- Re: (DMARC) How a whitelist would work, was Why m… John R Levine
- Re: (DMARC) We've been here before, was Why maili… Murray S. Kucherawy
- Re: (DMARC) We've been here before, was Why maili… John R Levine
- Re: (DMARC) We've been here before, was Why maili… Theodore Ts'o
- Re: (DMARC) We've been here before, was Why maili… Douglas Otis
- Re: (DMARC) We've been here before, was Why maili… Murray S. Kucherawy
- Re: (DMARC) We've been here before, was Why maili… John R Levine
- Re: (DMARC) We've been here before, was Why maili… Theodore Ts'o
- Re: (DMARC) We've been here before, was Why maili… Murray S. Kucherawy
- Re: (DMARC) We've been here before, was Why maili… tytso
- Re: (DMARC) We've been here before, was Why maili… Murray S. Kucherawy
- Re: (DMARC) We've been here before, was Why maili… tytso
- Re: (DMARC) We've been here before, was Why maili… Brian E Carpenter
- Re: (DMARC) We've been here before, was Why maili… Murray S. Kucherawy
- Re: (DMARC) We've been here before, was Why maili… Theodore Ts'o
- [off-off-track] Re: (DMARC) We've been here befor… Miles Fidelman
- Re: (DMARC) We've been here before, was Why maili… John Levine
- Re: (DMARC) We've been here before, was Why maili… Alessandro Vesely