Re: Do we actually want to do anything about DMARC?

["John Levine" <johnl@taugh.com>]

>> Marissa@yahoo.com.MANUALLY.REMOVE.THE.TRAILING.PARTS would involve ...

>>From what John has said, he's actually made the from field work:
>
>% dig -t mx dmarc.fail +nocomments
>
>; <<>> DiG 9.10.3-P4-Debian <<>> -t mx dmarc.fail +nocomments
>;; global options: +cmd
>;dmarc.fail.			IN	MX
>dmarc.fail.	3599	IN	MX	20 mail1.iecc.com.

Yup.  It's even DNSSEC signed.

$ dig yahoo.com.dmarc.fail mx +dnssec

;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 47725
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags: do; udp: 512
;; QUESTION SECTION:
;yahoo.com.dmarc.fail. 		IN     	MX

;; ANSWER SECTION:
yahoo.com.dmarc.fail.  	3599   	IN     	MX     	20 mail1.iecc.com.
yahoo.com.dmarc.fail.  	3599   	IN     	RRSIG  	MX 8 2 3600 20161011000000 20160810041505 58563 dmarc.fail. J9UaHbKJPwu5vK/jxJKrv0pZH6bzI8TgDY78m4S8SWUiUoB/irnlur3Z SsowLaiOjekzhYqiPmT6KOq7dt2G0lD5Pil4Z8SA0MCFWHcYyyWNMT/D eka93UNGoFzVBzNCYLzTyduy/P01isqKelkC6BZaX7tTm2CWlLKD9Th6 avM=


>I do wonder how he deals with the spam reputation problem of his
>forwarding server if too many spammers try to send mail to
>marissa@yahoo.com.dmarc.fail --- I assume he must do a lot of
>anti-spam filtering and is refusing to forward stuff which is spam?

I turn off the forward a day or so after the list message goes out.
The forwarder uses the usual Spamhaus BLs to block incoming mail.  So
far the amount of spam has been too low to notice.  Maybe I'm lucky,
but I think the time limited time addresses make scraping and spamming
unproductive.

As I noted in an earlier message, the IETF already has a bazillion
forwarders for I-D and RFC authors, so this problem is not a new one
for the IETF.

R's,
John