Re: dmarc damage, was gmail users read on... [bozo subtopic]

"John Levine" <johnl@taugh.com> Thu, 11 September 2014 01:25 UTC

Return-Path: <johnl@iecc.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1BAA21A013B for <ietf@ietfa.amsl.com>; Wed, 10 Sep 2014 18:25:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 3.062
X-Spam-Level: ***
X-Spam-Status: No, score=3.062 tagged_above=-999 required=5 tests=[BAYES_40=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HELO_MISMATCH_COM=0.553, HOST_MISMATCH_NET=0.311, MANGLED_SPAM=2.3, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fHgI-4iuc4Jp for <ietf@ietfa.amsl.com>; Wed, 10 Sep 2014 18:25:45 -0700 (PDT)
Received: from miucha.iecc.com (abusenet-1-pt.tunnel.tserv4.nyc4.ipv6.he.net [IPv6:2001:470:1f06:1126::2]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9EDCC1A0123 for <ietf@ietf.org>; Wed, 10 Sep 2014 18:25:45 -0700 (PDT)
Received: (qmail 70881 invoked from network); 11 Sep 2014 01:25:44 -0000
Received: from miucha.iecc.com (64.57.183.18) by mail1.iecc.com with QMQP; 11 Sep 2014 01:25:44 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=iecc.com; h=date:message-id:from:to:cc:subject:in-reply-to:mime-version:content-type:content-transfer-encoding; s=fef.5410fa1a.k1409; i=johnl@user.iecc.com; bh=LBypzCMoKCntaVlpNdU9XpIcjG7SYKTjdwr661QjgkE=; b=ZzrSuMoLhf9ioTvQYefNQ92jFyX31n+srHvQZLLBlTznK6KAlEGrShLDCcET4ngxYeT4Ip9AFWxW2By8oxirRpYd0QtlLqp1fwitzAcMk5TN9iN180OaqwaPHoEp/9S3vd9G2O59ADBy/0TfG89p6UWMiot3gd09mJEdO2P3AxJsvLQmK51bZ5PLEdISUypTt0XXDk5vFzXb2mCJbfYEUoTF2jpHB4UfPARVrcmeiOHLH1rGT2M8ljE0DYkVy/uq
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=taugh.com; h=date:message-id:from:to:cc:subject:in-reply-to:mime-version:content-type:content-transfer-encoding; s=fef.5410fa1a.k1409; olt=johnl@user.iecc.com; bh=LBypzCMoKCntaVlpNdU9XpIcjG7SYKTjdwr661QjgkE=; b=mtdNHaExbF7yeBsZ1ViNCEnZRIjlVqmpuD0HtcdlivMGO3OFOiwGHfjLiYeieTIdQDLSfovtWZh/g1Pg8XiEwxcLZKSaws0D4MopWZzrydOmAc1WVhHL1I9r1Tbv9flAhKzBJclY5+8tzW1YA4hEQzffZrxGLcTVdIHK+uMo7g6wfahvj6ZS71TAN6Srg0NNQDPQAGbs6KpH4KwkyXdo5S4m+Zqp2iTp0NIWXG2QEnFv5wjm7EhH/uM3kn5dQVFf
Date: Thu, 11 Sep 2014 01:25:24 -0000
Message-ID: <20140911012524.4078.qmail@joyce.lan>
From: John Levine <johnl@taugh.com>
To: ietf@ietf.org
Subject: Re: dmarc damage, was gmail users read on... [bozo subtopic]
In-Reply-To: <54107679.8080006@dougbarton.us>
Organization:
X-Headerized: yes
Mime-Version: 1.0
Content-type: text/plain; charset="utf-8"
Content-transfer-encoding: 8bit
Archived-At: http://mailarchive.ietf.org/arch/msg/ietf/K2uBckDjS35aiah1j6JY9bSFQ-A
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 11 Sep 2014 01:25:47 -0000

>Is there an update on this? Aside from the operational importance of 
>having the IETF mailing lists working well for all users, knowledge of 
>how well the latest mailman fixes work will be very helpful for this 
>community to have.

There's a bunch of different workarounds in the latest version of
Mailman.

The one that's most widely used rewrites the From: line to put the
list's address in place of the author's.  It "works" in the sense that
it avoids DMARC rejections, but at the cost of screwing up the mailing
lists so you can't tell who wrote what from the usual MUA display, and
in many cases, you can't tell who wrote a message at all unless you
put the author's address as the Reply-To, which has its own well known
set of problems.

I've collected all of the DMARC workarounds I know on the ASRG wiki:

http://wiki.asrg.sp.am/wiki/Mitigating_DMARC_damage_to_third_party_mail

On my lists, I rewrite the domain in the From: line to create
forwarding addresses for the real authors.  It's a crock, but one I
find preserves the mailing list functionality better.

R's,
John
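
The two From: rewrites described in the message, sketched as an added example; this is not code from the message, from Mailman, or from the author's lists. All addresses, the `fwd.lists.example` forwarding domain, the shape of the forwarding address, and the two-label organizational-domain shortcut are assumptions made for illustration.

```python
import copy
from email.message import EmailMessage
from email.utils import formataddr, parseaddr

LIST_ADDR = "discuss@lists.example"   # constructed list posting address
LIST_DKIM_D = "lists.example"         # d= of the list's own DKIM signature (constructed)
FWD_SUFFIX = "fwd.lists.example"      # hypothetical forwarding domain run by the list

def org_domain(domain):
    # Simplification: last two labels. Real DMARC uses the Public Suffix List.
    return ".".join(domain.lower().split(".")[-2:])

def dmarc_aligned(msg, dkim_d):
    """Relaxed DKIM alignment: From: domain and signing d= share an org domain."""
    addr = parseaddr(msg["From"])[1]
    return org_domain(addr.rsplit("@", 1)[1]) == org_domain(dkim_d)

def from_is_list(msg, list_name="Discuss"):
    """Put the list address in From:, move the author to Reply-To."""
    name, addr = parseaddr(msg["From"])
    out = copy.deepcopy(msg)
    out.replace_header("From", formataddr((f"{name or addr} via {list_name}", LIST_ADDR)))
    del out["Reply-To"]               # no-op if absent; a poster's own Reply-To is lost
    out["Reply-To"] = formataddr((name, addr))
    return out

def from_is_forwarder(msg):
    """Keep the author's name and local part; rewrite only the domain."""
    name, addr = parseaddr(msg["From"])
    local, domain = addr.rsplit("@", 1)
    out = copy.deepcopy(msg)
    out.replace_header("From", formataddr((name, f"{local}@{domain}.{FWD_SUFFIX}")))
    return out

def sample_post():
    # Constructed message from an author whose domain publishes p=reject.
    msg = EmailMessage()
    msg["From"] = "Alice Author <alice@strict.example>"
    msg["To"] = LIST_ADDR
    msg["Subject"] = "[Discuss] test"
    msg.set_content("hello\n")
    return msg

if __name__ == "__main__":
    post = sample_post()
    for label, m in [("unmodified", post), ("list in From:", from_is_list(post)),
                     ("forwarding From:", from_is_forwarder(post))]:
        print(f"{label:17} From={m['From']!s:55} aligned={dmarc_aligned(m, LIST_DKIM_D)}")
```

The alignment check assumes the list's changes to the message have invalidated the author's own DKIM signature, so only the list's signature is left to align with.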