Re: DMARC from the perspective of the listadmin of a bunch of SMALL community lists

mrex@sap.com (Martin Rex) Fri, 25 April 2014 03:54 UTC

Return-Path: <mrex@sap.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B39B21A02ED for <ietf@ietfa.amsl.com>; Thu, 24 Apr 2014 20:54:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.552
X-Spam-Level:
X-Spam-Status: No, score=-6.552 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HELO_EQ_DE=0.35, RCVD_IN_DNSWL_HI=-5, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nXhIOo5gSqsm for <ietf@ietfa.amsl.com>; Thu, 24 Apr 2014 20:54:58 -0700 (PDT)
Received: from smtpde01.sap-ag.de (smtpde01.sap-ag.de [155.56.68.170]) by ietfa.amsl.com (Postfix) with ESMTP id 15C401A0115 for <ietf@ietf.org>; Thu, 24 Apr 2014 20:54:57 -0700 (PDT)
Received: from mail05.wdf.sap.corp by smtpde01.sap-ag.de (26) with ESMTP id s3P3soRq022082 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Fri, 25 Apr 2014 05:54:50 +0200 (MEST)
Subject: Re: DMARC from the perspective of the listadmin of a bunch of SMALL community lists
In-Reply-To: <alpine.BSF.2.00.1404242208020.36815@joyce.lan>
To: John R Levine <johnl@taugh.com>
Date: Fri, 25 Apr 2014 05:54:50 +0200 (CEST)
X-Mailer: ELM [version 2.4ME+ PL125 (25)]
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="ISO-8859-1"
Message-Id: <20140425035450.7400C1ACE0@ld9781.wdf.sap.corp>
From: mrex@sap.com (Martin Rex)
X-SAP: out
Archived-At: http://mailarchive.ietf.org/arch/msg/ietf/OYxBAxdl4_0hPUZAm1rmarCRUBQ
Cc: IETF general list <ietf@ietf.org>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: mrex@sap.com
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 25 Apr 2014 03:54:59 -0000

John R Levine wrote:
>
>> SPAM filtering MUST be implemented as voluntary opt-in, otherwise it will be
>> illegal, as you correctly notice.  Spam-filtering can only be legal when
>> it is performed strictly on behalf of the recipient, the receipient is
>> in full control over the behaviour all the time, and the blocking or
>> deletion of any messages is performed with explicit and voluntary
>> (i.e. condition-free) consent of the receipient himself.
> 
> If that were true, there would be no Gmail, Hotmail, or Yahoo mail users 
> in Germany, since they offer only limited control over spam filtering, and 
> some stuff, e.g. DNSBL blocks, is unconditional.

Why?  Germans are allowed to use/subscribe to services that hosted/operated
outside of Europe and under foreign jurisdiction, i.e. without the
protections that European and national jurisdiction provides.
But we do not have to.  So it would be unreasonable to do so,
where viable local alternatives exist.  But certainly it is permitted.


> 
> I expect that the mail systems make it a condition of subscription that 
> the recipients consent to the mail system doing whatever it has to do to 
> filter incoming mail.

What telecommunication service providers can legally offer depends on the
jurisdiction under which they're operating.

Fortunately our legislators are not that naive.  The statue explicitly says,
that pretty much all such "under the condition" consent agreements signed by
the subscriber will be legally void.  (§95 Abs. 5 TKG)


Under German jurisdiction, at least, telecommunication service providers
that (a) offer their services to the public and (b) connect to public
communication networks and (c) enable communication between at least
one of their own subscribers and any public communication networks
becomes subject to the exact same regulations as all big TelCos,
and MUST respect the protection of the telecommunication privacy for
*ALL* of their subscribers and all communications between subscribers
(own subscribers as well as subscribers of other service providers).


-Martin