Re: (DMARC) We've been here before, was Why mailing lists (Martin Rex) Thu, 17 April 2014 20:55 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id 8AB281A0194 for <>; Thu, 17 Apr 2014 13:55:26 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -8.552
X-Spam-Status: No, score=-8.552 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, GB_I_LETTER=-2, HELO_EQ_DE=0.35, RCVD_IN_DNSWL_HI=-5, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id eUIlzhrED8-1 for <>; Thu, 17 Apr 2014 13:55:24 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id 4BDA11A0109 for <>; Thu, 17 Apr 2014 13:55:24 -0700 (PDT)
Received: from by (26) with ESMTP id s3HKsxPY028311 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Thu, 17 Apr 2014 22:54:59 +0200 (MEST)
Subject: Re: (DMARC) We've been here before, was Why mailing lists
In-Reply-To: <>
To: John Levine <>
Date: Thu, 17 Apr 2014 22:54:59 +0200 (CEST)
X-Mailer: ELM [version 2.4ME+ PL125 (25)]
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="US-ASCII"
Message-Id: <>
From: (Martin Rex)
X-SAP: out
Cc: Pete Resnick <>, "" <>
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 17 Apr 2014 20:55:26 -0000

John Levine wrote:
>> This is *NOT* about protection or authentication, this is purely about
>> rfc822/2822/5322 message semantics.  Something that has been well-defined
>> and constant for decades.
> I have considerable sympathy in theory for your viewpoint, but in 
> practice, the Sender header was deprecated a long time ago.  Most MUAs 
> ignore it, the few that don't display it in a way that just confuses people.

According to _what_ standard do MUAs interpret the semantics of
EMail then?

AFAIK, the relevant standard that the IETF published for this
purpose is rfc5322, and in that specification, Sender: is alive
and kicking just the way it has been since rfc822.

                   If the originator of the message can be indicated
   by a single mailbox and the author and transmitter are identical, the
   "Sender:" field SHOULD NOT be used.  Otherwise, both fields SHOULD

Now if you're wonding what that "SHOULD" in there means,
there is a reference to rfc2119 at the beginning of rfc5322,
(a pretty common reference in IETF specifications...)

   1.2.1.  Requirements Notation

   This document occasionally uses terms that appear in capital letters.
   When the terms "MUST", "SHOULD", "RECOMMENDED", "MUST NOT", "SHOULD
   NOT", and "MAY" appear capitalized, they are being used to indicate
   particular requirements of this specification.  A discussion of the
   meanings of these terms appears in [RFC2119].

which leads to

   3. SHOULD   This word, or the adjective "RECOMMENDED", mean that there
   may exist valid reasons in particular circumstances to ignore a
   particular item, but the full implications must be understood and
   carefully weighed before choosing a different course.

MUAs that goof the semantics of the "Sender:" header field are either
not implementing EMail the way it has been specified by the IETF,
or they goofed the second part of the above explanation for SHOULD.