Re: DMARC: perspectives from a listadmin of large open-source lists

Dave Crocker <dhc@dcrocker.net> Mon, 14 April 2014 03:15 UTC

Return-Path: <dhc@dcrocker.net>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2D21D1A031F for <ietf@ietfa.amsl.com>; Sun, 13 Apr 2014 20:15:35 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.5
X-Spam-Level:
X-Spam-Status: No, score=-1.5 tagged_above=-999 required=5 tests=[BAYES_50=0.8, RCVD_IN_DNSWL_MED=-2.3] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id eHhHSRs6A9e4 for <ietf@ietfa.amsl.com>; Sun, 13 Apr 2014 20:15:34 -0700 (PDT)
Received: from sbh17.songbird.com (sbh17.songbird.com [72.52.113.17]) by ietfa.amsl.com (Postfix) with ESMTP id E8F2F1A0315 for <ietf@ietf.org>; Sun, 13 Apr 2014 20:15:33 -0700 (PDT)
Received: from [192.168.1.66] (76-218-8-156.lightspeed.sntcca.sbcglobal.net [76.218.8.156]) (authenticated bits=0) by sbh17.songbird.com (8.13.8/8.13.8) with ESMTP id s3E3FS0e024296 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT); Sun, 13 Apr 2014 20:15:31 -0700
Message-ID: <534B524F.4050206@dcrocker.net>
Date: Sun, 13 Apr 2014 20:13:19 -0700
From: Dave Crocker <dhc@dcrocker.net>
Organization: Brandenburg InternetWorking
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.4.0
MIME-Version: 1.0
To: John Levine <johnl@taugh.com>, ietf@ietf.org
Subject: Re: DMARC: perspectives from a listadmin of large open-source lists
References: <20140414024956.26078.qmail@joyce.lan>
In-Reply-To: <20140414024956.26078.qmail@joyce.lan>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.0 (sbh17.songbird.com [72.52.113.66]); Sun, 13 Apr 2014 20:15:31 -0700 (PDT)
Archived-At: http://mailarchive.ietf.org/arch/msg/ietf/PK_92HxYFocd2Go87WjrwDuoSbQ
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: dcrocker@bbiw.net
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 14 Apr 2014 03:15:35 -0000

On 4/13/2014 7:49 PM, John Levine wrote:
>> Meanwhile, I'm still not proposing that we train users, or even
>> anti-spam software to "recognize" or "validate" mailing list addresses.
>> What I'm proposing is a way to send mail from a list with From:
>> @domain-of-list.tld so that it can pass DMARC/SPF/DKIM, and allow the
>> left side of the @ sign to identify the actual sender of the message.
>
> Yes, that's the 1980s percent hack.


1979, to be precise, for MMDF's relaying telephone/Arpanet mail with the 
original funding agency, the Army Materiel Command, and then the NSF's 
CSNet.  It was difficult to find a character that made any intuitive 
sense and wasn't already taken.

As an overall construct, in this case, it might work pretty well.  It 
preserves all of the original address in a way that is easily 
machine-parseable.

It treats the list engine as a kind of gateway.  This means that a reply 
to that address will show up at the list host and needs to be relayed to 
the intended recipient.  While a bit inefficient -- and probably will 
emerge as an attack vector (sigh) -- it's a plausible mechanism.

d/
-- 
Dave Crocker
Brandenburg InternetWorking
bbiw.net