Re: (DMARC) Why mailing lists are only sort of special

Pete Resnick <presnick@qti.qualcomm.com> Wed, 16 April 2014 23:26 UTC

To: John R Levine <johnl@taugh.com>
Archived-At: http://mailarchive.ietf.org/arch/msg/ietf/AqSUfYEc1EIJyAgcFUCqRY8lqi8
Cc: Michael Richardson <mcr+ietf@sandelman.ca>, "ietf@ietf.org" <ietf@ietf.org>

Replying to two in one. They're sorta related.

On 4/16/14 7:58 AM, Michael Richardson wrote:

> It's clear to me that we need at least a non-WG mailing list for this
> *technical* discussion.

Yeah, we are starting to move into solution space, which needs to be 
discussed in a specific technical forum. I'll try to keep it short.

> So, what you are saying is that based upon the (SMTP) To: address, the sender
> needs a signal that this is a mailing list, and some way to react.
> Maybe this could be combined with various SMTP DANE mechanisms, or at least,
> maybe "Additional RR" could return that kind of information.

The originator (well, more to the point, the originator's mail server) 
doesn't need a signal that it's a mailing list; it's simply that the 
destination makes an "if I forward the mail, I'll be including this" 
piece of data available, and the originator's server can then include 
that in the signature of the message. I was thinking this could be in 
some special kind of DMARC (or whatever) record that lived in the 
mailing list's domain and could be queried by the originator's server.

> Running code. We need someone to fund and participate in an experiment.
>   (cf: other thread about not participating in SDOs anymore)

Bah. I do need to respond in that other thread, but I've become more 
sanguine about standardization after Vidya's article: I agree with a 
good deal of what she says, and I think she's categorized the problem 
correctly. Her having done that, I now see paths forward. More on the 
other thread.

On 4/16/14 3:57 PM, John R Levine wrote:

> How do I distinguish the nice mailing lists at ietf.org from random 
> evil spammer domains sending spam with List-ID headers?
>
> Every proposal I've seen like this ends up tripping over the fact that 
> there is no technical way to distinguish between mail from real 
> mailing lists and spam that looks like it's from mailing lists.

At least in the back-of-the-envelope scheme I suggested, the receiver 
doesn't need to distinguish mailing lists: The originator's system finds 
out where the mail is going, gets some information from the destination, 
and signs that and sends it with the message. The mailing list sends 
that along to the recipients. When my (one of the recipients') server 
looks at that info, it determines that the originator sent the message 
directly to the mailing list, and I can tell that the mailing list sent 
it to me. My server doesn't need to determine whether the mailing list 
is "evil"; it knows that the person with the (e.g.) yahoo.com address 
sent to that mailing list from a yahoo.com server. That's what it cares 
about.

(And again, anyone can choose to continue to say, "No redistributing 
this message". The mailing list, or the eventual recipients if the 
mailing list doesn't play, should bounce the message in that case.)

pr

-- 
Pete Resnick <http://www.qualcomm.com/~presnick/>
Qualcomm Technologies, Inc. - +1 (858)651-4478
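
The flow sketched in the message above, written out as an added example; it is not part of the original message and not taken from any DMARC or DKIM specification. The record format, the field names, the `.example` domains, and the use of HMAC with a key table in place of DKIM-style public-key signatures and DNS lookups are all assumptions made so that it runs offline.

```python
import hashlib
import hmac

# Constructed stand-ins for DNS. KEYS plays the role of each domain's published
# signing key; FORWARD_INFO is the hypothetical record a list domain publishes
# saying "if I forward the mail, I'll be including this".
KEYS = {"yahoo.example": b"k-origin", "lists.example": b"k-list",
        "other.example": b"k-other"}
FORWARD_INFO = {"lists.example": "list-id=discuss.lists.example",
                "other.example": "list-id=deals.other.example"}

def sign(domain, *fields):
    # HMAC stands in for a DKIM-style public-key signature (assumption).
    data = "\n".join(fields).encode()
    return hmac.new(KEYS[domain], data, hashlib.sha256).hexdigest()

def originate(from_domain, rcpt_domain, msg_id):
    """Originator's server: query the destination, sign what it returned."""
    info = FORWARD_INFO.get(rcpt_domain, "")
    return {"from": from_domain, "msg-id": msg_id, "fwd-info": info,
            "origin-sig": sign(from_domain, from_domain, msg_id, info)}

def list_forward(list_domain, msg):
    """List: pass the originator's fields along and sign as the forwarder."""
    out = {**msg, "list": list_domain, "list-info": FORWARD_INFO[list_domain]}
    out["list-sig"] = sign(list_domain, out["list-info"], out["origin-sig"])
    return out

def recipient_accepts(msg):
    """Recipient: no judgement about the list's reputation, three checks only."""
    if msg["from"] not in KEYS or msg.get("list") not in KEYS:
        return False
    origin_ok = hmac.compare_digest(
        msg["origin-sig"],
        sign(msg["from"], msg["from"], msg["msg-id"], msg["fwd-info"]))
    list_ok = hmac.compare_digest(
        msg["list-sig"], sign(msg["list"], msg["list-info"], msg["origin-sig"]))
    # The originator must have signed the data published by this very list.
    bound = bool(msg["fwd-info"]) and msg["fwd-info"] == msg["list-info"]
    return origin_ok and list_ok and bound

def demo():
    sent = originate("yahoo.example", "lists.example", "<1@yahoo.example>")
    via_list = list_forward("lists.example", sent)
    # The same signed message forwarded by a domain the originator never addressed.
    via_other = list_forward("other.example", sent)
    # That forwarder rewrites the originator-signed field to match itself.
    rewritten = {**via_other, "fwd-info": FORWARD_INFO["other.example"]}
    return [recipient_accepts(m) for m in (via_list, via_other, rewritten)]
```

Only the message forwarded by the list the originator actually addressed is accepted; the other two fail on the binding check and on the originator's signature respectively.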