Re: dmarc damage, was gmail users read on... [bozo subtopic]
John C Klensin <john-ietf@jck.com> Thu, 11 September 2014 20:33 UTC
Return-Path: <john-ietf@jck.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BD2CE1A014D for <ietf@ietfa.amsl.com>; Thu, 11 Sep 2014 13:33:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.353
X-Spam-Level:
X-Spam-Status: No, score=-2.353 tagged_above=-999 required=5 tests=[BAYES_20=-0.001, RCVD_IN_DNSWL_LOW=-0.7, RP_MATCHES_RCVD=-1.652] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MaPfO7qwoF3O for <ietf@ietfa.amsl.com>; Thu, 11 Sep 2014 13:33:29 -0700 (PDT)
Received: from bsa2.jck.com (bsa2.jck.com [70.88.254.51]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BF7851A0135 for <ietf@ietf.org>; Thu, 11 Sep 2014 13:33:29 -0700 (PDT)
Received: from h8.int.jck.com ([198.252.137.35] helo=JcK-HP8200.jck.com) by bsa2.jck.com with esmtp (Exim 4.82 (FreeBSD)) (envelope-from <john-ietf@jck.com>) id 1XSB3Y-000K8z-B5; Thu, 11 Sep 2014 16:33:28 -0400
Date: Thu, 11 Sep 2014 16:33:23 -0400
From: John C Klensin <john-ietf@jck.com>
To: Doug Barton <dougb@dougbarton.us>, ietf@ietf.org
Subject: Re: dmarc damage, was gmail users read on... [bozo subtopic]
Message-ID: <2819C534C887D8473D21A3E0@JcK-HP8200.jck.com>
In-Reply-To: <5411DC37.8080101@dougbarton.us>
References: <20140911012524.4078.qmail@joyce.lan> <5BDC34CDABC75F8588294487@JcK-HP8200.jck.com> <5411DC37.8080101@dougbarton.us>
X-Mailer: Mulberry/4.0.8 (Win32)
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
X-SA-Exim-Connect-IP: 198.252.137.35
X-SA-Exim-Mail-From: john-ietf@jck.com
X-SA-Exim-Scanned: No (on bsa2.jck.com); SAEximRunCond expanded to false
Archived-At: http://mailarchive.ietf.org/arch/msg/ietf/F5SaQN1oci1aIygbKFL2MB7qNes
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 11 Sep 2014 20:33:31 -0000
--On Thursday, September 11, 2014 10:30 -0700 Doug Barton <dougb@dougbarton.us> wrote: > John Klensin, > > If you don't like that solution, what solution do you propose > to deal with the large (by volume) installed base of DMARC > domains relative to mailing list traffic? It's fine and good > to talk about theory, more power to ya. :) But as Brian > pointed out the volume of list traffic that is being shunted > to spam folders, or outright rejected, is only increasing. > Continuing to complain about DMARC, or the way it's being > used, is wasted electrons. > > I proposed creating a draft for a standardized way of encoding > the original from address to the left of the @ sign so that > the mailing list sender could create a valid DKIM record, but > clients could be taught to decode the original From:. You and > others pooh-pooh'ed that suggestion, but I haven't seen a > better one yet. I don't recall "pooh-pooh"-ing anything, but as many people here are aware, I've got a deep aversion, based on extensive experience, to tampering with headers in transit. From that point of view, a fancy encoding of the local part is not significantly different from the "rewrite to point to the mail exploder" technique John Levine mentioned. As to a solution, I believe that a key reason the Internet has gotten this far -- both technically and in terms of convincing regulators and the like to let us rely on "multistakeholder" solutions rather than extensive formal regulation -- depends on organizations with market power (by volume) exercising good judgment and moderation when it is discovered that their actions hurt others or force others to incur significant expense. I sincerely hope that the newly-created WG will move expeditiously to modify DMARC so that it stops causing these problems and that the major (by volume) organizations who have deployed DMARC will then rapidly make adopt those changes. From that perspective, "we deployed this neat thing, if it hurts you and your perfectly standards-conforming application, suck it up" just doesn't work for me regardless of what the parties with those other applications might apply as remedies. I hope I'm not getting too hysterical about this but, if DMARC "works" in the sense that the organizations who created it can effectively force everyone else to adapt or find themselves at a severe disadvantage, what is to prevent the same actors from collaborating on new core email protocols (replacing SMTP and the header specs). We probably all agree that those specs are showing their age and that we would do things differently if we started over today and didn't need to worry about the installed base. We probably don't agree on what changes should be made and the IETF has traditionally been quite careful about that installed base. But suppose some consortium of large actors came along and said "we have designed a new set of mail protocols that will provide our users a better experience" (or, to be cynical, provide us with better advertising opportunities) "and good luck to you in designing gateways". Would we accept that in the same way that you and others seem to be urging ways to accommodate to DMARC? I fear for the notion of an open Internet if the answer is "yes", but probably see less difference between that case and the DMARC one than you and others may. Maybe things just look better from my applications perspective looking down the stack, but my impression is that most of the major corporate actors in, e.g., routing, the network layer, and operations are still behaving more or less consistently with that historical cooperative model. But some of the active forces in the applications layer, seemingly especially where email is concerned, seem to have lost sight of it or concluded that is is not in their interest to do so. I find that pretty troubling. Now, perhaps my view is outdated and naive and our present reality is that any convenient 300 pound gorilla (or a consortium of them) can (and will) do whatever they like and expect others to conform. If that is so, I question the long-term future of the IETF and voluntary, individual-participation, standardization efforts, both because market power becomes a more economical and effective substitute for open standards and because this is exactly the sort of thing that causes other actors to decide that external adult supervision is needed (with them picking the "adults"). best, john
- gmail users read on... Brian E Carpenter
- Re: gmail users read on... Rich Kulawiec
- Re: gmail users read on... Andrew G. Malis
- Re: gmail users read on... Ross Finlayson
- Re: gmail users read on... Michael Richardson
- Re: gmail users read on... Mary Barnes
- RE: gmail users read on... l.wood
- Re: gmail users read on... Ross Finlayson
- Re: gmail users read on... Ted Faber
- Re: gmail users read on... Tim Bray
- Re: gmail users read on... TJ
- Re: gmail users read on... Ross Finlayson
- Re: gmail users read on... Riccardo Bernardini
- Re: gmail users read on... Paul Hoffman
- Re: gmail users read on... TJ
- Re: gmail users read on... Ted Faber
- Re: gmail users read on... joel jaeggli
- Re: gmail users read on... Phillip Hallam-Baker
- Re: gmail users read on... [technical subtopic] Brian E Carpenter
- Re: gmail users read on... [bozo subtopic] Brian E Carpenter
- Re: gmail users read on... [bozo subtopic] Andrew G. Malis
- Re: gmail users read on... [bozo subtopic] Hector Santos
- Re: gmail users read on... [bozo subtopic] Antonio Prado
- Re: gmail users read on... [bozo subtopic] Joe Abley
- Re: gmail users read on... [bozo subtopic] Doug Barton
- Re: dmarc damage, was gmail users read on... [boz… John Levine
- Re: dmarc damage, was gmail users read on... [boz… John C Klensin
- Re: dmarc damage, was gmail users read on... [boz… Doug Barton
- Re: dmarc damage, was gmail users read on... [boz… Doug Barton
- Re: dmarc damage, was gmail users read on... [boz… John Levine
- Re: dmarc damage, was gmail users read on... [boz… John C Klensin
- Re: dmarc damage, was gmail users read on... [boz… Nico Williams
- RE: dmarc damage, was gmail users read on... [boz… Christian Huitema
- Re: dmarc damage, was gmail users read on... [boz… George Michaelson
- Re: dmarc damage, was gmail users read on... [boz… John Levine
- Re: dmarc damage, was gmail users read on... [boz… Miles Fidelman
- Re: dmarc damage, was gmail users read on... [boz… Dave Crocker
- Re: dmarc damage, was gmail users read on... [boz… Theodore Ts'o
- Re: dmarc damage, was gmail users read on... [boz… Donald Eastlake
- Re: dmarc damage, was gmail users read on... [boz… Viktor Dukhovni
- RE: dmarc damage, was gmail users read on... [boz… MH Michael Hammer (5304)
- Re: dmarc damage, was gmail users read on... [boz… Wei Chuang
- Re: dmarc damage, was gmail users read on... [boz… Doug Barton
- Re: dmarc damage, was gmail users read on... [boz… Dave Crocker
- RE: dmarc damage, was gmail users read on... [boz… MH Michael Hammer (5304)
- Re: dmarc damage, was gmail users read on... [boz… Doug Barton
- Re: dmarc damage, was gmail users read on... [boz… Nico Williams
- Re: dmarc damage, was gmail users read on... [boz… Murray S. Kucherawy
- Re: dmarc damage, was gmail users read on... [boz… Murray S. Kucherawy
- Re: dmarc damage, was gmail users read on... [boz… Murray S. Kucherawy
- Re: dmarc damage, was gmail users read on... [boz… Sabahattin Gucukoglu
- Re: dmarc damage, was gmail users read on... [boz… John Levine
- Re: dmarc damage, was gmail users read on... [boz… John C Klensin
- Re: dmarc damage, was gmail users read on... [boz… Wei Chuang
- Re: dmarc damage, was gmail users read on... [boz… Wei Chuang
- Re: gmail users read on... Hector Santos
- Re: dmarc damage, was gmail users read on... [boz… Hector Santos
- Re: dmarc damage, was gmail users read on... [boz… Scott Kitterman
- Re: dmarc damage, was gmail users read on... [boz… Hector Santos
- Re: dmarc damage, was gmail users read on... [boz… Hector Santos
- Re: dmarc damage, was gmail users read on... [boz… Hector Santos
- Re: dmarc damage, was gmail users read on... [boz… Dave Crocker
- Re: gmail users read on... George Michaelson
- Re: dmarc damage, was gmail users read on... [boz… David Morris
- Re: dmarc damage, was gmail users read on... [boz… John Levine
- Re: dmarc damage, was gmail users read on... [boz… Rich Kulawiec
- Re: dmarc damage, was gmail users read on... [boz… Rich Kulawiec