IETF Logo Mail Archive

Re: DMARC methods in mailman

Theodore Ts'o <tytso@mit.edu> Wed, 21 December 2016 15:12 UTC

Return-Path: <tytso@thunk.org>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 304D31293FE for <ietf@ietfa.amsl.com>; Wed, 21 Dec 2016 07:12:26 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5
X-Spam-Level:
X-Spam-Status: No, score=-5 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.001, RP_MATCHES_RCVD=-3.1, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=thunk.org
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NCWazyL2i6qR for <ietf@ietfa.amsl.com>; Wed, 21 Dec 2016 07:12:23 -0800 (PST)
Received: from imap.thunk.org (imap.thunk.org [IPv6:2600:3c02::f03c:91ff:fe96:be03]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8873F1296B9 for <ietf@ietf.org>; Wed, 21 Dec 2016 07:12:23 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=thunk.org; s=ef5046eb; h=In-Reply-To:Content-Type:MIME-Version:References:Message-ID:Subject:Cc:To:From:Date; bh=N8ZnXwEU127ixGqkO2Fg5S30SiW8Bhj0z1eq1ifkk+M=; b=eGiQm8c0op/PwH1UdscZDaTuhKe4X/b7iS902uSW3Zq95b9FxS9V18oV9F5e6ipENTxnZ2EuzPbSSVv3hVdAalZoZFRF/dDvsfKYxsOgJclqyoNDxZyeYz/5QTMx4RsEfKLVTAw3HxKvhF55yxF+iWM8ktsnNcqtnJ85PVt9tIw=;
Received: from root (helo=callcc.thunk.org) by imap.thunk.org with local-esmtp (Exim 4.84_2) (envelope-from <tytso@thunk.org>) id 1cJiZ1-0003s8-It; Wed, 21 Dec 2016 15:12:19 +0000
Received: by callcc.thunk.org (Postfix, from userid 15806) id C4282C00214; Wed, 21 Dec 2016 10:12:18 -0500 (EST)
Date: Wed, 21 Dec 2016 10:12:18 -0500
From: Theodore Ts'o <tytso@mit.edu>
To: Philip Homburg <pch-ipv6-ietf-3@u-1.phicoh.com>
Subject: Re: DMARC methods in mailman
Message-ID: <20161221151218.d22u37grsqqxsdwt@thunk.org>
References: <m1cJIF7-0000DEC@stereo.hq.phicoh.net> <6.2.5.6.2.20161221001758.0bde4ac0@elandnews.com> <m1cJfj3-0000CNC@stereo.hq.phicoh.net>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <m1cJfj3-0000CNC@stereo.hq.phicoh.net>
User-Agent: NeoMutt/20161126 (1.7.1)
X-SA-Exim-Connect-IP: <locally generated>
X-SA-Exim-Mail-From: tytso@thunk.org
X-SA-Exim-Scanned: No (on imap.thunk.org); SAEximRunCond expanded to false
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/KYm-W8867zhbZ4iANX1p_loqcLo>
Cc: ietf@ietf.org, S Moonesamy <sm+ietf@elandsys.com>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 21 Dec 2016 15:12:26 -0000

On Wed, Dec 21, 2016 at 01:10:16PM +0100, Philip Homburg wrote:
> >The focus has been on Yahoo because of a message which was posted 
> >several years ago.  I collected some statistics for an IETF mailing 
> >list.  Approximately 40% of the subscribers are using [1] DMARC; most 
> >of then are not using Yahoo.
> 
> Are you talking about senders or recipients? The reason yahoo stands out is
> because yahoo seems to be one of the few providers that rejects or bounces
> mail that fails DMARC checks.
> 
> Or are you saying that at the moment 40% of the subscribers of IETF lists reject
> or otherwise not receive mail from DMARC protected senders?

It's much more likely that this is the percentage of subscribers that
are sending from domains that are claiming a DMARc policy.  What's
interesting is how few of these domains are actually *following* the
DMARC specification in rejecting, unconditionally, e-mails which fail
the DMARC checks.

Which to me shows how defective by design DMARC really is; even many
of the proponents of DMARC are running mail systems which are not
honoring the DMARC "specification".

Given that the DMARC "specifcation" isn't even being treated as a
standard that must be obeyed in all of its particulars by its
proponents --- the fact that this is being used by its propoonents to
twist mailers of the IETF --- a standards body --- into knots because
it is enforcement is random and *not* standardized is, quite frankly,
amazing to me.

Let the employees of those companies which are proponents of DMARC
suffer.  And they might not be suffering that much given that at least
one of those companies isn't really enforcing DMARC on the receiving
end for their users....

					- Ted

v2.23.0 | Report a Bug | By Email