IETF Logo Mail Archive

Re: DMARC and ietf.org

Dave Crocker <dhc@dcrocker.net> Fri, 22 July 2016 06:55 UTC

Return-Path: <dhc@dcrocker.net>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8137812D9E7 for <ietf@ietfa.amsl.com>; Thu, 21 Jul 2016 23:55:52 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.107
X-Spam-Level:
X-Spam-Status: No, score=-1.107 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RDNS_NONE=0.793] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lVzXwCR5geCZ for <ietf@ietfa.amsl.com>; Thu, 21 Jul 2016 23:55:51 -0700 (PDT)
Received: from simon.songbird.com (unknown [72.52.113.5]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 69CB512D660 for <ietf@ietf.org>; Thu, 21 Jul 2016 23:55:51 -0700 (PDT)
Received: from [31.133.179.22] (dhcp-b316.meeting.ietf.org [31.133.179.22]) (authenticated bits=0) by simon.songbird.com (8.14.4/8.14.4/Debian-4.1ubuntu1) with ESMTP id u6M6uTbh016720 (version=TLSv1/SSLv3 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=NOT); Thu, 21 Jul 2016 23:56:30 -0700
Subject: Re: DMARC and ietf.org
References: <CAL0qLwYZPO9L9e7MHA6zP5vcTbQEJmwCSonLdMeQiOw4CUoiFw@mail.gmail.com> <20140718174827.652621ADAF@ld9781.wdf.sap.corp> <6.2.5.6.2.20140719235353.0c50d260@resistor.net> <25621.1405862805@sandelman.ca> <56CDC083.7020001@sandelman.ca> <CAA=duU0HLdE0WRcM3o9SXGuZ2T6E5mha+GjRkyGfPEe+VO=pdg@mail.gmail.com> <87B045CE-2C2F-4528-937E-772B67E26F8C@vigilsec.com> <1301.1456329984@obiwan.sandelman.ca> <56CDFA68.4030506@gmail.com> <A2F94A7A-3984-4E01-9C66-C580BD8C92CA@me.com> <BE67956E-7299-41D1-B8D6-B66AD18081D7@vigilsec.com> <bf2540aa-eda2-8e56-d3f5-1bf862b395ce@dcrocker.net> <10004.1469036041@obiwan.sandelman.ca> <25ffe3be-cf32-6a25-1830-82650c1175d9@dcrocker.net> <aa0e220a-e1a1-3c65-b426-01d1fbb09c5d@gmail.com> <c1372647-cd37-9eb9-ee8b-4ef8d21809c4@dcrocker.net> <01Q2SVKQRGDC00005M@mauve.mrochek.com> <CC6156F0-83C6-4E18-80F9-B0B4FAD13621@vigilsec.com> <01Q2TDG2FOSY00005M@mauve.mrochek.com> <d86fff59-68be-0149-8bd7-d5cef6fa2668@gmail.com>
To: Brian E Carpenter <brian.e.carpenter@gmail.com>, ietf@ietf.org
From: Dave Crocker <dhc@dcrocker.net>
Organization: Brandenburg InternetWorking
Message-ID: <cb956816-371a-a65a-3a47-46646c747fca@dcrocker.net>
Date: Fri, 22 Jul 2016 08:55:41 +0200
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.2.0
MIME-Version: 1.0
In-Reply-To: <d86fff59-68be-0149-8bd7-d5cef6fa2668@gmail.com>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/F3PPPRBlz-jIswKmQfKPQsV6s_E>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
Reply-To: dcrocker@bbiw.net
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 22 Jul 2016 06:55:52 -0000

On 7/22/2016 7:13 AM, Brian E Carpenter wrote:
>>>> >>> The most straightforward way to accomplish this would be to make copies of the
>>>> >>> original fields with different names, but of course many other approaches  are
>>>> >>> possible.
>> >
>>> >> I do not see MailMan settings to make that happen.  Maybe I missed something...
>> >
>> > That's most unfortunate, and I have to say moves my position from neutral
>> > to "don't do it".
>> >
>> > Reversible damage is one thing, irreversible damage another.
> That's the dilemma. An agent that obeys p=reject does irreversible
> damage too. I can figure out how to live with p=reject being treated
> as p=quarantine, but not with "reject means reject".


There are different levels of issue here.  The one that Ned is raising 
is something that we might be able to affect.

The changes made by mailing list software were done in haste and without 
community deliberation, in response to a sudden escalation.  The efforts 
were well-intentioned, but haven't been vetted.

Since the changes are going to be with us for quite awhile (and maybe 
permanently) we ought to formulate a recommendation, up to the level of 
making it a BCP (or even PS...)

Reversibility of the changes to the message is a requirement I hadn't 
heard before, but it makes complete sense.  My own complaint is about 
messing with the usability of the From field by the recipient.

I suggest initiating a small effort to formulate a suggested 'standard' 
behavior by mediators (eg, mailing lists) that modify the rfc5322.From 
field, in response to DMARC issues.

The effort should include some usability folks, since this is visible to 
recipients and the design of the details should attend to... well, you 
know, utility and ease of use.

d/

-- 

   Dave Crocker
   Brandenburg InternetWorking
   bbiw.net

v2.23.0 | Report a Bug | By Email