IETF Logo Mail Archive

Re: Will mailing lists survive DMARC?

Hector Santos <hsantos@isdg.net> Wed, 30 April 2014 13:13 UTC

Return-Path: <hsantos@isdg.net>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B29E81A0684 for <ietf@ietfa.amsl.com>; Wed, 30 Apr 2014 06:13:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -99.602
X-Spam-Level:
X-Spam-Status: No, score=-99.602 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, J_CHICKENPOX_110=0.6, J_CHICKENPOX_14=0.6, J_CHICKENPOX_16=0.6, J_CHICKENPOX_46=0.6, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, USER_IN_WHITELIST=-100] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SzcgIoZEvs9T for <ietf@ietfa.amsl.com>; Wed, 30 Apr 2014 06:13:41 -0700 (PDT)
Received: from mail.santronics.com (secure.winserver.com [208.247.131.9]) by ietfa.amsl.com (Postfix) with ESMTP id 669211A047D for <ietf@ietf.org>; Wed, 30 Apr 2014 06:13:40 -0700 (PDT)
DKIM-Signature: v=1; d=isdg.net; s=tms1; a=rsa-sha1; c=simple/relaxed; l=4090; t=1398863616; h=Received:Received: Received:Received:Message-ID:Date:From:Organization:To:Subject: List-ID; bh=zcF8R0GPQ6XSDxXzqpRzS+KNNaA=; b=OrNoUBA2weE0JIZiaGKM oX8ONFsDnTygyENP0wBbJ7HnsiAGStovihw8ICf7F7pliwuf4h8H50BvYrN4MpIH ueq8rh+dLwTK9rsAgeYQ+Us615jkjvs4v9alHTpCmV1QHuSQZjolFJlUtcOXCGFb H+mGmfWrmolvqrIdqeH7U5Y=
Received: by winserver.com (Wildcat! SMTP Router v7.0.454.4) for ietf@ietf.org; Wed, 30 Apr 2014 09:13:36 -0400
Authentication-Results: dkim.winserver.com; dkim=pass header.d=beta.winserver.com header.s=tms1 header.i=beta.winserver.com; adsp=pass policy=all author.d=isdg.net asl.d=beta.winserver.com;
Received: from opensite.winserver.com (beta.winserver.com [208.247.131.23]) by winserver.com (Wildcat! SMTP v7.0.454.4) with ESMTP id 1972177353.3.2064; Wed, 30 Apr 2014 09:13:34 -0400
DKIM-Signature: v=1; d=beta.winserver.com; s=tms1; a=rsa-sha256; c=simple/relaxed; l=4090; t=1398863520; h=Received:Received: Message-ID:Date:From:Organization:To:Subject:List-ID; bh=TzbWowt 2ZVxiZafsXNyKjE6kvC91x+ojmpah/JqXVL4=; b=b6jIiLpHIJoygdeqPHKcCPY t0DG4SzRTQPkxQTZXA0XkEngUvGGL7kmRwUx6GINnUZkTGzV4CMIeoCN1J5RTSPO g5fjhTjG64xKagMvObfApzXRherD3fGbiDm4IgRL9gha9cAtJNtPSNHze28gz11G vf5uxguzv9QjS8k+AQMA=
Received: by beta.winserver.com (Wildcat! SMTP Router v7.0.454.4) for ietf@ietf.org; Wed, 30 Apr 2014 09:12:00 -0400
Received: from [192.168.1.2] ([99.121.4.27]) by beta.winserver.com (Wildcat! SMTP v7.0.454.4) with ESMTP id 1991697015.9.11956; Wed, 30 Apr 2014 09:12:00 -0400
Message-ID: <5360F6FD.1030502@isdg.net>
Date: Wed, 30 Apr 2014 09:13:33 -0400
From: Hector Santos <hsantos@isdg.net>
Organization: Santronics Software, Inc.
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.3.0
MIME-Version: 1.0
To: Alessandro Vesely <vesely@tana.it>, John C Klensin <john-ietf@jck.com>, ietf@ietf.org
Subject: Re: Will mailing lists survive DMARC?
References: <20140429124528.GA1324@mx1.yitter.info> <alpine.DEB.2.02.1404291502320.29282@uplift.swm.pp.se> <535FA739.3060608@dcrocker.net> <alpine.DEB.2.02.1404291524500.29282@uplift.swm.pp.se> <14DE2BC840FF3B8AA4A167EC@JcK-HP8200.jck.com> <5360DD52.1020108@tana.it>
In-Reply-To: <5360DD52.1020108@tana.it>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Archived-At: http://mailarchive.ietf.org/arch/msg/ietf/c1DY5dwqpYNr-W19YG63yNeXZrE
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 30 Apr 2014 13:13:43 -0000

On 4/30/2014 7:24 AM, Alessandro Vesely wrote:

>> So, as a purely hypothetical set of questions (I am not
>> recommending anything), I wonder what would happen if some of
>> the people who have been claiming they or the general public are
>> harmed by this would, instead of asking what the IETF can do
>> about something that is not an IETF Standard, went to their
>> local "competitiveness" or "antitrust" authorities, explained
>> the situation and started complaining?
>
> I'm neither a lawyer nor an ML admin, so I'm not going to claim
> damage.  Yet, like most of us, I'll be harmed if MLs stop working well.
>

This was only a surprise to the people we were resistance to adding 
policy support.  Author Domain Policies had the same "know your 
network" migration issues SPF did.  Domains had to adjust by switching 
to more relaxed domains to participate in a public networking arena. 
I did the same. I remove all public usage of company's exclusive 
domains santronics.com and winserver.com and switched them to isdg.net 
where its a more relaxed author domain policy and one I can use to 
explore with.   Everyone serious about this stuff were aware of this 
stuff for nearly 9 years.

Besides, it was written in the DKIM abstract with its questionable 
"responsibility" semantics which I kept saying it really needs to get 
removed or get rephrased.

    DomainKeys Identified Mail (DKIM) permits a person, role, or
    organization that owns the signing domain to claim some
    responsibility for a message by associating the domain with the
    message.

If you are going to ask domains to begin signing, put investment in 
it, then why would anyone thing they would not want to invest in 
protecting the signature, and thus the message?

The only way to do this was with the original proof of concept -- 
AUTHOR DOMAIN SIGNING POLICIES!  Hate yelling it but is seems to be a 
central key point in all this forgotten.

Of course, the other argument could be that we don't want such strong 
and food for legal eagles semantics in our docs.  We continue to face 
this passé mail design attitude for relaxation, incremental changes, 
yet, the problems do not get resolved this way.  Without the strong 
semantics, you can't deal with the legacy abuse mail operations. You 
lack a payoff. DMARC has forced that "relaxed" mail design mentality 
to change for the IETF.

>> I also wonder whether the IETF and ISOC have, or should seek, legal
>> advice about how to keep adequate distance between themselves and
>> this situation should some relevant jurisdiction initiate an
>> investigation or enforcement action.
>
> Rather than rebuffing responsibility, I'd expect the IETF to invent
> something new, which works much like ML used to, but is compatible
> with DMARC.  Yes, we may continue to call them "mailing lists".  The
> alternative, to blame domains which follow the leading trend, doesn't
> seem to be very promising...

They keep saying they don't think think the MLS needs to change, too 
historic. Its ok to add DKIM, but not Policy?  I don't buy it. I'm a 
long time MLS developer we have hundreds of operators with list 
operations.  It didn't make sense to me why you would add something 
that was half-ass complete.  Probably explains I'm one of the few 
implementators, if not the only one, of DKIM+POLICY (ADSP, ATPS) n a 
mailing list server product.

Adding DMARC is not going to be a problem.   It remains the same, it 
will be just like before with ADSP with the end of the day setup 
semantics:

     p=reject     is only for EXCLUSIVE domains for SYSTEM-WIDE 
application.
     p=quarantine is only for EXCLUSIVE domains for PER USER (junk 
bins) application.
     p=none       is for all, but with unknown handling.

If that is how it needs to be doc for my sysops, so be it.

The only issue would be to add a deployment option for p=reject

   [X] Enable DMARC

    (o) p=none
    (_) p=quarantine
    (_) p=reject
        (o) SMTP Reject with response ____________________
        (_) Accept and discard
        (_) Accept and keep


Or something like that.

-- 
HLS

v2.23.0 | Report a Bug | By Email