Re: (DMARC) Why mailing lists are only sort of special

"John R Levine" <johnl@taugh.com> Wed, 16 April 2014 20:57 UTC

Return-Path: <johnl@taugh.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 786391A02E8 for <ietf@ietfa.amsl.com>; Wed, 16 Apr 2014 13:57:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.357
X-Spam-Level:
X-Spam-Status: No, score=-0.357 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HELO_MISMATCH_COM=0.553, HOST_MISMATCH_NET=0.311, SPF_NEUTRAL=0.779] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bQnuTbvMtYuS for <ietf@ietfa.amsl.com>; Wed, 16 Apr 2014 13:57:27 -0700 (PDT)
Received: from miucha.iecc.com (abusenet-1-pt.tunnel.tserv4.nyc4.ipv6.he.net [IPv6:2001:470:1f06:1126::2]) by ietfa.amsl.com (Postfix) with ESMTP id 5E4601A02AC for <ietf@ietf.org>; Wed, 16 Apr 2014 13:57:26 -0700 (PDT)
Received: (qmail 11351 invoked from network); 16 Apr 2014 20:57:23 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=iecc.com; h=date:message-id:from:to:cc:subject:in-reply-to:references:mime-version:content-type:user-agent:cleverness; s=2c56.534eeeb3.k1404; bh=EYdqHImTBaFG/+9zBHBKoYhR5seHxMoqpao/y7+NxT8=; b=npo6wwpKkXmixo33OBYwiMK5GxE20XvPB9WvhHEvlK81MhacfdtmgdF8dxKKL4oCDW4wQ66rrbITEmCM95tnWx9a2W2KC2DQxKa7gRPb1zEiSPLZ8RGql65H/0iE6k5OW7jdiEOdrNa5FcLTtfKHf7yVIHFkPxOBaHKo++vrfF4q7xL/W4Rwn+KkkrilxwCVYcsytFucu00krbfnLXO2dEm2JGAmcp/CEUhRDx2004hGqQbDpXii0rAYfVpGUYky
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=taugh.com; h=date:message-id:from:to:cc:subject:in-reply-to:references:mime-version:content-type:user-agent:cleverness; s=2c56.534eeeb3.k1404; bh=EYdqHImTBaFG/+9zBHBKoYhR5seHxMoqpao/y7+NxT8=; b=Gu0hg4Cz04eS/AcPW3L3I7IBxqi/t7cEa4G0NHuAIAjEpdVMkQpPIMtOlzG/N81mBiXRknkBDQ7jNCcjp1VMSlXhM6BHKG5nB4PrqJLOECFHoRKkUsyoRdfv9Rp5Rb2Unwa7LuijE0miV1QVW9OykLDhyjUVRm4ig7Db8VZLijwrEuGp2dE30FPxtXEGPJmfxL6wbwS7nzIsZDtVimWQgBdfg6K6DkS2NLI6FYm4EbJpuAbOGWr7/R803EukBjxg
Received: from localhost ([IPv6:2001:470:1f07:1126::78:696d:6170]) by imap.iecc.com ([IPv6:2001:470:1f07:1126::78:696d:6170]) with ESMTPS (TLS1.0/X.509/SHA1) via TCP6; 16 Apr 2014 20:57:23 -0000
Date: 16 Apr 2014 16:57:22 -0400
Message-ID: <alpine.BSF.2.00.1404161654430.2065@joyce.lan>
From: "John R Levine" <johnl@taugh.com>
To: "Dave Cridland" <dave@cridland.net>
Subject: Re: (DMARC) Why mailing lists are only sort of special
In-Reply-To: <CAKHUCzzw9mufrTCOBQOkRrZU6wOM21X8Y=FUEKf=qnzS9VESjA@mail.gmail.com>
References: <CE39F90A45FF0C49A1EA229FC9899B0507D45766@USCLES544.agna.amgreetings.com> <20140414214949.32126.qmail@joyce.lan> <CE39F90A45FF0C49A1EA229FC9899B0507D460CB@USCLES544.agna.amgreetings.com> <alpine.BSF.2.00.1404142150430.32657@joyce.lan> <CAL0qLwbPMm_i0fqNSGQPv=xZaiNASy=icsRNudaNJ_3PNtX3Og@mail.gmail.com> <alpine.BSF.2.00.1404151832460.38826@joyce.lan> <CAL0qLwZUptJVw85T2FjB2HRGoOvcOUHKiQXeadM0QE9BsFVM9w@mail.gmail.com> <CAKHUCzxpwS+nR9wRGOzU_83f7XabMr0pwB5x-MHrqM-28r80kw@mail.gmail.com> <CAKHUCzzw9mufrTCOBQOkRrZU6wOM21X8Y=FUEKf=qnzS9VESjA@mail.gmail.com>
User-Agent: Alpine 2.00 (BSF 1167 2008-08-23)
Cleverness: None detected
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
Archived-At: http://mailarchive.ietf.org/arch/msg/ietf/LhtHDt51OFVijN0qGYBqi2OVlYg
Cc: "ietf@ietf.org" <ietf@ietf.org>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 16 Apr 2014 20:57:31 -0000

> This means that mailing lists (and other forwarding cases) are enforced
> into having DMARC records in order to forward DMARC originating messages,
> which seems reasonable, and the Sender addresses must also be relatively
> sensible, which they normally are already.

> I may be missing something.

How do I distinguish the nice mailing lists at ietf.org from random evil 
spammer domains sending spam with List-ID headers?

Every proposal I've seen like this ends up tripping over the fact that 
there is no technical way to distinguish between mail from real mailing 
lists and spam that looks like it's from mailing lists.  Hence you need a 
whitelist for the real mail, at which point all of the mechanism beyond 
the key for the whitelist (probably a DKIM signature) is superfluous.

Regards,
John Levine, johnl@taugh.com, Taughannock Networks, Trumansburg NY
Please consider the environment before reading this e-mail.