Re: [IETF] DMARC methods in mailman

Yoav Nir <> Sun, 25 December 2016 11:11 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id F1D3212966A for <>; Sun, 25 Dec 2016 03:11:06 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id MSs19ckv_T08 for <>; Sun, 25 Dec 2016 03:11:05 -0800 (PST)
Received: from ( [IPv6:2a00:1450:400c:c01::243]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 4A307124281 for <>; Sun, 25 Dec 2016 03:11:05 -0800 (PST)
Received: by with SMTP id hb5so12624354wjc.2 for <>; Sun, 25 Dec 2016 03:11:05 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=3wWipAhEVZ/l2dbphWoZTfZ1DC/0M6uFMLrIU72UhGU=; b=p1cgH6nbhsfNDAZ+YI9g3NpuhJ33s7pKYs0CWjeEroIoEsqAP06hI05Znn91qdg9jt l25zn8MLJXeleEbvblCoTqQAgZpyBa6t4K9OrG1k6Z7ZabL03elR/DkG7xeL7mQC2mzB PN3RMpzhtSt8LEAiCekyqHoJpKckLWCe6BO1WiHr8DJ5j+a9Xr75FKh2YPtLjjOHVvbG qbbc/uuQZxEjsqRHAIniKrAEbnyd+32UdUv0ytyD7uSTMjfgzKAoTTXLt2mUl1gvPeUI b2NHzEoTYT49a+cOIfeCpqGYxOkbqIja553q9tESxx8SaT/uRJKeuFnFQKe7Nv7/UXjl r/7g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=3wWipAhEVZ/l2dbphWoZTfZ1DC/0M6uFMLrIU72UhGU=; b=I/XjlNWHgEtMOBfjkwZ6taRjADRrtsrlufTq7d7cSrpxlYNtN7Ywjt4P+6YlMOtEUn 1t/gYV5aVBTumcZvW/+k0b4yzXLz1mpF7uXyXobPITpkev9JxUPG55hqFoFOLYZ+mi6w 4HO3NDbSdaIjHNfFHDAogg7aD8l3x6xACoAUYtHKMPGlHk/zCSvD3K/xaW8ECkYuiapB xpb0leFeASrtOhpU79mK296H1Zc2AfaAC40+6wFjR1zR0TcovAXwdW1GuTuNBYnxqbVC AsETgzC4lRKouA+BaPktSAV5kQH6f/guhYLCzV40e9R5RGYnY0wuUuQCIyWKrwOAJr9Q grKA==
X-Gm-Message-State: AIkVDXIsO7QKkRj03RnHbcaEOkhjJM/F26osiSYEHHxnrEhG62u88wMW/hAWI3USl/sMlA==
X-Received: by with SMTP id as2mr23761847wjc.77.1482664263570; Sun, 25 Dec 2016 03:11:03 -0800 (PST)
Received: from [] ( []) by with ESMTPSA id v2sm49760461wja.41.2016. (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Sun, 25 Dec 2016 03:11:02 -0800 (PST)
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 10.2 \(3259\))
Subject: Re: [IETF] DMARC methods in mailman
From: Yoav Nir <>
In-Reply-To: <>
Date: Sun, 25 Dec 2016 13:11:00 +0200
Content-Transfer-Encoding: quoted-printable
Message-Id: <>
References: <>
To: Philip Homburg <>
X-Mailer: Apple Mail (2.3259)
Archived-At: <>
Cc: IETF general list <>
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: IETF-Discussion <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Sun, 25 Dec 2016 11:11:07 -0000

> On 25 Dec 2016, at 1:14, Philip Homburg <> wrote:
> In your letter dated Sat, 24 Dec 2016 13:45:12 -0500 you wrote:
>> As I mentioned before, for me, the most usable option is avoiding
>> message modification of any kind, which leaves the origin DKIM
>> signature valid.  I've not seen anyone comment on whether that's
>> workable for IETF WG lists (it works well enough for *this* list).
> For me, the current behavior of the ietf lists is perfectly fine.

For me it’s not fine. And not just because I use gmail. If someone whose email provider has a DMARC p=reject record sends a message to the list and half the subscribers don’t see that message, the conversation gets disrupted even if the other half sees it. 

Check out the mailing list for Token Binding working group. The most frequent posters are from Microsoft and Google, and I have to fish their messages out of the spam folder every few days to keep up with the conversation. That disrupts the entire working group, not just the people with the DMARC record or the people whose provider respects DMARC headers.

> It is very nice to see the mailing list in the subject. It is also
> very nice to have a proper From header.
> That's why I proposed a per-subscriber setting such that only those
> who are actually stupid enough to reject or otherwise drop mail based
> on DMARC have to see mangled mailing list traffic.

“Stupid”?  Most of us have the choice of a corporate mail account where we have no control over policy, and a public provider mail account where we also have no control over policy. Yes, we can install our own mail server and set whatever policy we would like. That is not a viable option for most people

> There no technical reason for a one-size-fits-all solution. So let's
> stop investigating those types of solutions.

 A per-receiver setting is one extra step for new subscribers. That’s something I’d rather avoid.