Re: DMARC methods in mailman

[Hector Santos <hsantos@isdg.net>]

On 12/19/2016 3:12 AM, Harald Alvestrand wrote:
>
> The ISE mechanism exists to get things published that matter to the
> Internet.
> It was clear at the time DMARC was published that it would be used
> whether it was published as an RFC or not. Publishing the document at
> least gave us a stable reference to be angry at.
>
> It would actually be harder to publish a document saying "DMARC is bad,
> don't use it, use that other thing instead" if there was no stable
> reference for what we mean by DMARC.
>
> I'd describe the so-far inaction more as "shut your eyes and hope it
> will go away when others figure out that the solution is bad" than as
> "sitting on the fence". Didn't work any better, though.

Lets keep in mind the proposed standard ADSP was officially abandoned 
by the same group that pushed the informational status "Super ADSP" 
DMARC replacement protocol.  This replacement did absolutely nothing 
to resolve the long time fundamental problem of addressing "middle 
ware" (list servers) breaking DKIM signed electronics messages nor the 
authorization of 3rd party signers.

We should perhaps recognize it is time to also abandoned DMARC as well 
or fix it with the many suggested improvements, including 3rd party 
authorization DNS lookups which is far simpler and "cheaper" than 
adding additional complexed headers and overhead to the mail system. 
Its not even a "proposed standard" document

We wanted list systems to change but we don't want the change to 
include DNS lookup protocols. Instead, we pushed very complex mail 
altering algorithms and that just isn't working -- obviously.

In my opinion, the IETF has failed the small to mid size 
implementators by catering to the "super large scale" mail providers. 
  That also needs to change within the IETF.  A protocol that is 
written correctly fits all. Size shouldn't matter.   That philosophy 
has been lost, unfortunately.

Happy Holidays

-- 
HLS