Re: What I've been wondering about the DMARC problem

Miles Fidelman <mfidelman@meetinghouse.net> Tue, 15 April 2014 16:52 UTC

Return-Path: <mfidelman@meetinghouse.net>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 670541A011A for <ietf@ietfa.amsl.com>; Tue, 15 Apr 2014 09:52:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.881
X-Spam-Level:
X-Spam-Status: No, score=-0.881 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, MISSING_HEADERS=1.021, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KaLcOk5s5HNZ for <ietf@ietfa.amsl.com>; Tue, 15 Apr 2014 09:52:44 -0700 (PDT)
Received: from server1.neighborhoods.net (server1.neighborhoods.net [207.154.13.48]) by ietfa.amsl.com (Postfix) with ESMTP id 9B3881A0552 for <ietf@ietf.org>; Tue, 15 Apr 2014 09:52:44 -0700 (PDT)
Received: from localhost (localhost.localdomain [127.0.0.1]) by server1.neighborhoods.net (Postfix) with ESMTP id 7E770CC08F for <ietf@ietf.org>; Tue, 15 Apr 2014 12:52:41 -0400 (EDT)
X-Virus-Scanned: by amavisd-new-2.6.2 (20081215) (Debian) at neighborhoods.net
Received: from server1.neighborhoods.net ([127.0.0.1]) by localhost (server1.neighborhoods.net [127.0.0.1]) (amavisd-new, port 10024) with LMTP id hxYfKA55zXvt for <ietf@ietf.org>; Tue, 15 Apr 2014 12:52:37 -0400 (EDT)
Received: from new-host.home (pool-173-76-155-14.bstnma.fios.verizon.net [173.76.155.14]) by server1.neighborhoods.net (Postfix) with ESMTPSA id 29242CC095 for <ietf@ietf.org>; Tue, 15 Apr 2014 12:52:34 -0400 (EDT)
Message-ID: <534D63D1.3060202@meetinghouse.net>
Date: Tue, 15 Apr 2014 12:52:33 -0400
From: Miles Fidelman <mfidelman@meetinghouse.net>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:28.0) Gecko/20100101 Firefox/28.0 SeaMonkey/2.25
MIME-Version: 1.0
CC: IETF Discussion <ietf@ietf.org>
Subject: Re: What I've been wondering about the DMARC problem
References: <53499A5E.9020805@meetinghouse.net> <5349A261.9040500@dcrocker.net> <5349AE35.2000908@meetinghouse.net> <5349BCDA.7080701@gmail.com> <01P6L9JZF5SC00004W@mauve.mrochek.com> <CAKW6Ri5f5KZyJeL7RTG2T000Qd+t61KCofNmG2JZv+nKi94Uug@mail.gmail.com> <534C0078.3070808@meetinghouse.net> <CAKW6Ri6OUmxGaBOGR2hoWpDOGWsVQ9tQ2Q9ogkT5wzFhFJLBbQ@mail.gmail.com> <534C2262.1070507@meetinghouse.net> <CAL0qLwb5p_V3i-NGhKJZBeO0qKHm1xiAq1E3nYkBzVUAXkRPpQ@mail.gmail.com> <CAKW6Ri5HWMaGMa_oLKwq5fzSUzJG=jAL1qojY1i6_tibEAxq8w@mail.gmail.com> <CAL0qLwaik1ft+AcACoc+kvKtCRt_gGvM6ov7c2yj_Uwyy3drNw@mail.gmail.com> <CAKW6Ri5_=GyOQijZMM+mqAoaEQzePGysBy9WVjN9yHO1zf3d2w@mail.gmail.com> <534C8F2B.9060903@gmail.com> <534D5516.7060902@dcrocker.net> <534D5FD6.506@meetinghouse.net> <CAJkfFBzw4uKOvOdZKiymW6PX+iQ9CYQuMENOopx-32nEA7TGyg@mail.gmail.com>
In-Reply-To: <CAJkfFBzw4uKOvOdZKiymW6PX+iQ9CYQuMENOopx-32nEA7TGyg@mail.gmail.com>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Archived-At: http://mailarchive.ietf.org/arch/msg/ietf/E361qRBXCqfz97IFTbM6Sar0rjY
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 15 Apr 2014 16:52:48 -0000

Which does bring us back to the question of how to deal with "bad 
actors" (or at least "irresponsible actors" or "uncooperative actors") 
within a cooperative governance framework.  Sigh.... Miles

Seth Johnson wrote:
> They're forcing adoption -- while folks have not been addressing this 
> piece of the inter-governmental frame.  :-)
>
>
> On Tue, Apr 15, 2014 at 12:35 PM, Miles Fidelman 
> <mfidelman@meetinghouse.net <mailto:mfidelman@meetinghouse.net>> wrote:
>
>     Dave Crocker wrote:
>
>         On 4/14/2014 6:45 PM, Brian E Carpenter wrote:
>
>             I thought that standard operating procedure in the IT industry
>             was: if you roll something out and it causes serious
>             breakage to
>             some of your users, you roll it back as soon as possible.
>
>             Why hasn't Yahoo rolled back its 'reject' policy by now?
>
>
>
>         As the most-recent public statement from Yahoo, this might
>         have some tidbits in it that are relevant to your question:
>
>
>
>         http://yahoo.tumblr.com/post/82426971544/an-update-on-our-dmarc-policy-to-protect-our-users
>
>
>     You mean the part where they say:
>     "We know there are about 30,000 affected email sending services,
>     but we also know that the change needed to support our new DMARC
>     policy is important and not terribly  difficult to implement. We
>     have detailed the changes we are requiring here
>     <http://yahoomail.tumblr.com/post/82426900353/yahoo-dmarc-policy-change-what-should-senders-do>."
>
>     I.e., 'not our problem'
>
>     Miles Fidelman
>
>
>     -- 
>     In theory, there is no difference between theory and practice.
>     In practice, there is.   .... Yogi Berra
>
>


-- 
In theory, there is no difference between theory and practice.
In practice, there is.   .... Yogi Berra