Re: DMARC: perspectives from a listadmin of large open-source lists

Sabahattin Gucukoglu <listsebby@me.com> Tue, 08 April 2014 05:06 UTC

Return-Path: <listsebby@me.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AE2F51A010C for <ietf@ietfa.amsl.com>; Mon, 7 Apr 2014 22:06:45 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.201
X-Spam-Level:
X-Spam-Status: No, score=-4.201 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id T8oEUhkt0WW8 for <ietf@ietfa.amsl.com>; Mon, 7 Apr 2014 22:06:40 -0700 (PDT)
Received: from nk11p04mm-asmtp002.mac.com (nk11p04mm-asmtp002.mac.com [17.158.236.237]) by ietfa.amsl.com (Postfix) with ESMTP id D21441A010B for <ietf@ietf.org>; Mon, 7 Apr 2014 22:06:39 -0700 (PDT)
MIME-version: 1.0
Content-transfer-encoding: 7BIT
Content-type: text/plain; CHARSET=US-ASCII
Received: from [192.168.1.6] (natbox.sabahattin-gucukoglu.com [213.123.192.30]) by nk11p04mm-asmtp002.mac.com (Oracle Communications Messaging Server 7u4-27.08(7.0.4.27.7) 64bit (built Aug 22 2013)) with ESMTPSA id <0N3P00DDE4USPU70@nk11p04mm-asmtp002.mac.com> for ietf@ietf.org; Tue, 08 Apr 2014 05:06:33 +0000 (GMT)
Subject: Re: DMARC: perspectives from a listadmin of large open-source lists
From: Sabahattin Gucukoglu <listsebby@me.com>
In-reply-to: <alpine.BSF.2.00.1404072357400.73388@joyce.lan>
Date: Tue, 08 Apr 2014 06:06:27 +0100
Message-id: <E2D6EA08-144D-4DB3-ABFC-6F98AF3C588F@me.com>
References: <robbat2-20140408T031810-279861577Z@orbis-terrarum.net> <alpine.BSF.2.00.1404072357400.73388@joyce.lan>
To: John Levine <johnl@taugh.com>
X-Mailer: Apple Mail (2.1510)
X-MANTSH: 1TEIXREEbG1oaGkdHB0lGUkdDRl5PWBoaHhEKTEMXGx0EGx8SBBscHwQdHhAbHho fGhEKWE0XSxEKbX4XGhEKTFkXGxobGxEKWUkXEQpZXhdoY3kRCkNOF0sbHhpiTk1mHBpCaRl4c wcZEhofGhxyGBEKWFwXGQQaBB0HTUsdEkhJHEwFGx0EGx8SBBscHwQdHhAbHhofGxEKXlkXYU9 5QhoRCkxGF2xraxEKQ1oXGBsZBBsYGQQbExgEGRoRCkRYFx4RCkRJFxkRCkJFF2ZQfV0fbWQaB UhjEQpCThdscGB5QB1iUmkaYhEKQkwXZ0kfbXlpGH5yQk0RCkJsF2VoZRhtTRwYQ0ZOEQpCQBd vQlBdfU1pfh0bUBEKcGgXZU5uQH1Qe0tfSxMRCnBoF2xdXxxfHEIaTVNfEQpwaBdpcBofQmNQR hptYxEKcGgXZnxBQ0YTfUtfeFwRCnBoF2RnYksfcmFjGEZMEQpwbBdrZk5rQWVfZlNnAREKcEw XZXJfZ15fSUlMXEsR
X-CLX-Spam: false
X-CLX-Score: 1011
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:5.11.96, 1.0.14, 0.0.0000 definitions=2014-04-08_02:2014-04-07, 2014-04-08, 1970-01-01 signatures=0
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 spamscore=0 suspectscore=0 phishscore=0 adultscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=7.0.1-1402240000 definitions=main-1404070317
Archived-At: http://mailarchive.ietf.org/arch/msg/ietf/RX3jOAZXit7m5c5P8JRSnyMKDsQ
Cc: IETF general list <ietf@ietf.org>, "Robin H. Johnson" <robbat2@gentoo.org>, zwicky@yahoo-inc.com
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 08 Apr 2014 05:06:45 -0000

On 8 Apr 2014, at 05:21, John R Levine <johnl@taugh.com> wrote:
> Mailing list apps can't "implement DMARC" other than by getting rid of every feature that makes lists more functional than simple forwarders. Given that we haven't done so for any of the previous FUSSPs that didn't contemplate mailing lists, because those features are useful to our users, it seems unlikely we'll do so now.

Well,  Mailman 2.1.16 has the FROM_IS_LIST feature that "Fixes" the problem by putting the list address in the From: field.  That seems to work, except that you lose information (the sender's address) if the list wants to operate a policy of "Reply goes to list".  You can then assure that DKIM signatures are valid and set up SPF, etc.  This also has the effect of letting you operate through the various cloud email platforms that try to validate sender addresses.

But I agree it's broken.

Cheers,
Sabahattin