Re: DMARC and ietf.org

Brian E Carpenter <brian.e.carpenter@gmail.com> Sun, 20 July 2014 16:24 UTC

Message-ID: <53CBED21.2030508@gmail.com>
Date: Mon, 21 Jul 2014 04:24:01 +1200
From: Brian E Carpenter <brian.e.carpenter@gmail.com>
Organization: University of Auckland
User-Agent: Thunderbird 2.0.0.6 (Windows/20070728)
MIME-Version: 1.0
To: John C Klensin <john-ietf@jck.com>
Subject: Re: DMARC and ietf.org
References: <CAL0qLwYZPO9L9e7MHA6zP5vcTbQEJmwCSonLdMeQiOw4CUoiFw@mail.gmail.com> <20140718174827.652621ADAF@ld9781.wdf.sap.corp> <6.2.5.6.2.20140719235353.0c50d260@resistor.net> <25621.1405862805@sandelman.ca> <53CBCC41.5000907@gmail.com> <8FD6A1B037EE43D7EDB4DB53@JCK-EEE10>
In-Reply-To: <8FD6A1B037EE43D7EDB4DB53@JCK-EEE10>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Archived-At: http://mailarchive.ietf.org/arch/msg/ietf/9EMbBRqSHecRQtS9wDHrrrVG0xg
Cc: Michael Richardson <mcr+ietf@sandelman.ca>, ietf@ietf.org, iaoc@ietf.org

On 21/07/2014 04:12, John C Klensin wrote:
> 
> --On Monday, 21 July, 2014 02:03 +1200 Brian E Carpenter
> <brian.e.carpenter@gmail.com> wrote:
> 
>> On 21/07/2014 01:26, Michael Richardson wrote:
>>> Regardless of how/if/why/when we process DMARC as a
>>> specification, we need to decide how ietf.org MTA is going to
>>> deal with things.
>>>
>>> 1) someone has to fund changes to mailman, and perform
>>> testing, installation, and community education for the IETF
>>>    mailing lists.  That implies that we have to decide *for
>>>    ourselves* where and how we will "break" the DMARC/DKIM
>>>    connection,  and if we will reject email from p=reject
>>>    senders before we attempt to relay.
>> I thought the preferred solution was to rewrite the From for
>> those users only.
> 
> Brian,
> 
> I think that remains controversial.  At least some of us would
> prefer that we scan IETF lists for addresses that might be
> affected, notify those people that they will no longer be able
> to send to IETF lists from those addresses, 

Yes, of course, and I've done that for the IETF lists I administer,
as far as possible. As a practical matter, though, I would selectively
rewrite rather than throw people off. I'd like to have that choice.

> and then, while we
> would continue to deliver traffic to them to the degree
> feasible, any traffic originating from them would simply be
> rejected or bounced by mailman.  That requires changes and some
> tool work too, but puts the pain where it belongs -- on the
> DMARC-using systems and those who choose to have addresses on
> them.
> 
> I have mixed feelings about recommending that strategy for the
> more general community and am happy to let the proposed WG do
> its job, but, as far as the IETF community is concerned, we are
> all presumably capable of understanding the issues and finding
> other addresses if needed.

I would hope so, but changing one's address is a significant
nuisance. So I'd like a choice of pragmatic solutions while
we wait.

   Brian
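
The two list-side choices discussed in this thread (rewriting From only for posters whose domain publishes p=reject, or rejecting their posts at the list), as an added Python example that is not part of the original message and is not Mailman's code. The record table, the `.example` addresses and the function names are constructed for illustration, and fallback to the organizational domain's record is left out.

```python
from email.message import EmailMessage
from email.utils import parseaddr, formataddr

# Constructed DMARC TXT records, standing in for DNS lookups of _dmarc.<domain>.
DMARC_TXT = {
    "strict.example": "v=DMARC1; p=reject; rua=mailto:agg@strict.example",
    "relaxed.example": "v=DMARC1; p=none",
    "quarantine.example": "v=DMARC1;p=quarantine ; pct=100",
}

def dmarc_policy(domain):
    """Return the p= tag of the domain's DMARC record, or None if it has none."""
    record = DMARC_TXT.get(domain.lower())
    if not record:
        return None
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip().lower()
    if tags.get("v") != "dmarc1":
        return None  # not a DMARC record
    return tags.get("p")

def handle_post(msg, list_addr, on_reject_policy="rewrite"):
    """Apply the list's choice to one post: returns 'pass', 'rewrite' or 'reject'."""
    name, addr = parseaddr(msg["From"])
    domain = addr.rpartition("@")[2]
    if dmarc_policy(domain) != "reject":
        return "pass"    # unaffected posters keep their own From
    if on_reject_policy == "reject":
        return "reject"  # the list refuses the post instead of relaying it
    # Selective rewrite: From now carries the list's domain, so the poster's
    # p=reject policy no longer applies to the relayed copy.
    del msg["From"]
    msg["From"] = formataddr((f"{name or addr} via list", list_addr))
    if "Reply-To" not in msg:
        msg["Reply-To"] = addr  # keep the poster reachable by reply
    return "rewrite"
```
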