Re: DMARC: perspectives from a listadmin of large open-source lists

"John R Levine" <johnl@taugh.com> Mon, 14 April 2014 04:10 UTC

Return-Path: <johnl@taugh.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E4AA01A032C for <ietf@ietfa.amsl.com>; Sun, 13 Apr 2014 21:10:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 1.542
X-Spam-Level: *
X-Spam-Status: No, score=1.542 tagged_above=-999 required=5 tests=[BAYES_40=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HELO_MISMATCH_COM=0.553, HOST_MISMATCH_NET=0.311, SPF_NEUTRAL=0.779] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0nJLLg0rootb for <ietf@ietfa.amsl.com>; Sun, 13 Apr 2014 21:10:29 -0700 (PDT)
Received: from miucha.iecc.com (abusenet-1-pt.tunnel.tserv4.nyc4.ipv6.he.net [IPv6:2001:470:1f06:1126::2]) by ietfa.amsl.com (Postfix) with ESMTP id 1DD561A0330 for <ietf@ietf.org>; Sun, 13 Apr 2014 21:10:28 -0700 (PDT)
Received: (qmail 76324 invoked from network); 14 Apr 2014 04:10:25 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=iecc.com; h=date:message-id:from:to:cc:subject:in-reply-to:references:mime-version:content-type:user-agent:cleverness; s=12a23.534b5fb1.k1404; bh=iWwEktwxUc3o7mtsajWuh8IwaQbBiaEmWY+rVmnpDu8=; b=kdwJQGuvjqYW02SmMnF035Smllapks+iB9U2tmsBTu3VXzz55IuqkX1sb/Kq7ZcjLR38IuRwygu/LFrp3TSB97YOJImxJ9VqX54KA8/xRvEZzQa832N5RPHp6gq6ZrhVWLNd2KGyACSxjW4BOW0vh3petZespPfrr40wCZNsWPNRNqAWElquyk0GrBrL3IQJAcYLp4LAvNxTDEFr3TNTzHzcknmeaPZV808GulmNpiaOpSJMAAuxgvOsUuLJ/gsL
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=taugh.com; h=date:message-id:from:to:cc:subject:in-reply-to:references:mime-version:content-type:user-agent:cleverness; s=12a23.534b5fb1.k1404; bh=iWwEktwxUc3o7mtsajWuh8IwaQbBiaEmWY+rVmnpDu8=; b=J2Q0y4XYJ1E84UtqD8AI7fCLUhTVR8oE4wrUkm9tWvWyh5sPTeT5B0fsE3BcCzEAQaKR/W5aEhUQ2xmTvAHNEdiSvbTZm7j5CettjOVWujGe4pRLn3QWE/jmdGTdYYvxBaVPXqUEx05ZajIK4OjyFJi5V2p2vvPlhr2FeFTvJ5fqvEXhA+DmHjAC9NlnW0eGimYS4mVZHsjrj+8zBLxyth6P66tPMhBIZ2fhmnQ8qvCcqXo92o6dH8QmiIP2SbjK
Received: from localhost ([IPv6:2001:470:1f07:1126::78:696d:6170]) by imap.iecc.com ([IPv6:2001:470:1f07:1126::78:696d:6170]) with ESMTPS (TLS1.0/X.509/SHA1) via TCP6; 14 Apr 2014 04:10:25 -0000
Date: 14 Apr 2014 00:10:25 -0400
Message-ID: <alpine.BSF.2.00.1404132346420.26386@joyce.lan>
From: "John R Levine" <johnl@taugh.com>
To: "John C Klensin" <john-ietf@jck.com>
Subject: Re: DMARC: perspectives from a listadmin of large open-source lists
In-Reply-To: <E0B7196CB2603B80BBEC21AF@JcK-HP8200.jck.com>
References: <20140414024956.26078.qmail@joyce.lan> <534B524F.4050206@dcrocker.net> <alpine.BSF.2.00.1404132327560.26258@joyce.lan> <E0B7196CB2603B80BBEC21AF@JcK-HP8200.jck.com>
User-Agent: Alpine 2.00 (BSF 1167 2008-08-23)
Cleverness: None detected
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
Archived-At: http://mailarchive.ietf.org/arch/msg/ietf/bhIvZFjfyp6EVWXtdmfstPAIfbU
Cc: IETF general list <ietf@ietf.org>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 14 Apr 2014 04:10:33 -0000

> Sadly, there are a non-trivial number of MTA installations whose
> implementers or operators, having discovered that they had not
> seen a legitimate use of the percent hack in years, decided that
> they were about as likely to appear in legitimate messages as
> source routing and dealt with them accordingly.  Put more
> simply, a "%" in a local-part may be least as likely to get a
> message rejected or dumped as a badly specified DMARC record, so
> the one is really not a very good cure for the other.

Since the percent hack became a famous vector for open relay abuse, so we 
all stopped honoring it.  A lot of MTAs still reject anything with a % 
saying something like no more source routing.  Mine does.

So this would require inventing something with the same semantics as the 
percent hack, but a different syntax.  Perhaps we can use an exclamation 
point.

Regards,
John Levine, ima!johnl@cca.arpa
Please consider the environment before reading this e-mail.