Re: DMARC from the perspective of the listadmin of a bunch of SMALL community lists

Miles Fidelman <> Sat, 19 April 2014 01:09 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id AAF441A0574 for <>; Fri, 18 Apr 2014 18:09:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -0.881
X-Spam-Status: No, score=-0.881 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, MISSING_HEADERS=1.021, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id TEIMWi7uM-7G for <>; Fri, 18 Apr 2014 18:09:30 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id C6AF91A0203 for <>; Fri, 18 Apr 2014 18:09:29 -0700 (PDT)
Received: from localhost (localhost.localdomain []) by (Postfix) with ESMTP id 661ADCC0BF for <>; Fri, 18 Apr 2014 21:09:25 -0400 (EDT)
X-Virus-Scanned: by amavisd-new-2.6.2 (20081215) (Debian) at
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with LMTP id grRBdt7FTp3B for <>; Fri, 18 Apr 2014 21:09:16 -0400 (EDT)
Received: from new-host.home ( []) by (Postfix) with ESMTPSA id 6A8B4CC0BD for <>; Fri, 18 Apr 2014 21:09:16 -0400 (EDT)
Message-ID: <>
Date: Fri, 18 Apr 2014 21:09:16 -0400
From: Miles Fidelman <>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:28.0) Gecko/20100101 Firefox/28.0 SeaMonkey/2.25
MIME-Version: 1.0
Subject: Re: DMARC from the perspective of the listadmin of a bunch of SMALL community lists
References: <> <> <> <> <> <> <> <> <> <> <> <> <>
In-Reply-To: <>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Sat, 19 Apr 2014 01:09:32 -0000 wrote:
>> On 04/18/2014 07:47 AM, Ned Freed wrote:
>>  >> I said:
>> >> Rather than throwing up our
>> >> hands and telling the DMARC folks that we refuse to work with them
>> >> unless their solution solves the problem of our anachronistic use 
>> case
>> >> that that constitutes only a tiny percentage of their overall 
>> traffic;
>> >
>> > Again with the traffic size as justification for poor behavior. Not 
>> all
>> > messages are created equal, and some functions have utility entirely
>> > disproportionate to the amount of bandwidth they use.
>> Right, so the input here from the operators is, "Mailing list traffic is
>> not important enough to us to prevent us from deploying an anti-spam
>> solution that solves the vast majority of our problems with little cost
>> or difficulty. The MLM software authors will have to deal with this
>> problem on their end." And your response is to stamp your feet and
>> shout, "But my mailing list traffic IS important! It is, IT IS!!!!!"
> I really have to wonder where you got enough straw to build a strawman 
> of this
> size. If you actually, you know, read what I've been saying, it has 
> been that
> this was handled extremely poorly by the IETF. Just not in the way you 
> happen
> to believe.
> Your view of what happened, who the operators actually are and what their
> positions are, and what the likely consequences are going to be are 
> somewhere
> between a gross oversimplifications and looney tunes. But I must say 
> they are
> amusing.
>> I'm glad that you feel that way, we should all have things that we're
>> proud of after all. But in terms of actually listening to and acting on
>> the input we've received from the operator community about this topic,
>> the IETF has failed.
> Wrong again. The evidence shows clearly that the IETF did listen, to 
> this group
> at least. Where the IETF failed was in not looking at the big picture and
> likely consequences, which I'm afraid is not laid out along the axis 
> of "big
> operators all supporting DMARC" versus "tiny insignificant list 
> maintainer
> stick-in-the-muds".
> Oh, and not that it matters, but I personally have only been tangentially
> involved in most of this. This is because a lot of it happened when I 
> wasn't
> unable to participate. Kidney transplants and heavy standards 
> involvement don't
> mix very well.

Wow... hope all is well now.  (History of kidney issues in our family - 
never has led to a transplant.  I feel for you.)
>> The fact that people like you don't recognize this
>> as a failure is a clear sign that our slippery slope into irrlevance is
>> well greased.
> I've been saying from the start that this was a failure on the IETF's 
> part.
> It's just not the kind of failure you think it was.

Any suggestions on how we might approach making changes?  I guess 
overall architecture, process, and policy are IAB's purview - but how 
does one get folks to pay attention - I haven't seen any IAB members 
commenting here, for example. (Note: My own IETF involvement has always 
been one step removed - mostly in my days at BBN, where I sat next to a 
lot of active IETF participants, but spent more of my time on system 
design and application of protocols.  My direct standards involvement 
has always seemed to end up in other forums - mostly military and 
security stuff that ran under funny venues. These days, I'm more on the 
tail end of being effected by such things as this current debacle - 
which are kind of motivating me to get more seriously involved.)

Miles Fidelman

In theory, there is no difference between theory and practice.
In practice, there is.   .... Yogi Berra