Enabling DMARC workaround code for all IETF/IRTF mailing lists

Alexey Melnikov <aamelnikov@fastmail.fm> Fri, 11 May 2018 11:48 UTC

Return-Path: <aamelnikov@fastmail.fm>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost []) by ietfa.amsl.com (Postfix) with ESMTP id 40B6712E88D for <ietf@ietfa.amsl.com>; Fri, 11 May 2018 04:48:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.699
X-Spam-Status: No, score=-2.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, MIME_QP_LONG_LINE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=fastmail.fm header.b=RXGAoDb2; dkim=pass (2048-bit key) header.d=messagingengine.com header.b=hMCIFTSU
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id 17iPmsA4Uin4 for <ietf@ietfa.amsl.com>; Fri, 11 May 2018 04:48:20 -0700 (PDT)
Received: from out1-smtp.messagingengine.com (out1-smtp.messagingengine.com []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DA473124B0A for <ietf@ietf.org>; Fri, 11 May 2018 04:48:20 -0700 (PDT)
Received: from compute7.internal (compute7.nyi.internal []) by mailout.nyi.internal (Postfix) with ESMTP id 516FD26161 for <ietf@ietf.org>; Fri, 11 May 2018 07:48:20 -0400 (EDT)
Received: from mailfrontend2 ([]) by compute7.internal (MEProxy); Fri, 11 May 2018 07:48:20 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fastmail.fm; h= content-transfer-encoding:content-type:date:from:message-id :mime-version:subject:to:x-me-sender:x-me-sender:x-sasl-enc; s= fm3; bh=dt05msbvqBoxW5Fd8A+w1+/aKQ2zA1d7akGZj4tNydk=; b=RXGAoDb2 z0A8kQu/+4uqzP1O+9IwnNjTvICqshTpp+25IuXqwezMTUAL5yatoN9opSyMcNtX aZbQ818B+LtIUxDJxc6Row/G7SaHJIPlWNiEcowhVS/FEXjomnuDigSQZokj9llK A36F99rCyzQC1am5s3KalH93dMvXg99r9bIU+SG/TOKG6sdCQSiY11QLqzelHhIi wg6JW8pbosdqdjr0CBIg8osXIzWoUHwy8xQeSOnuMqYX7k+M3Gw28epuNxpmXXf7 AErz50fSSynD7jlvRsPdM3DdC2IjT1nNctTXI9YC4mwwh7Hw4KEjBqWb2M73YQpI bvcpExmZKgoQHg==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=content-transfer-encoding:content-type :date:from:message-id:mime-version:subject:to:x-me-sender :x-me-sender:x-sasl-enc; s=fm2; bh=dt05msbvqBoxW5Fd8A+w1+/aKQ2zA 1d7akGZj4tNydk=; b=hMCIFTSUQD51gnY18YZ8a0B+MExY0JDeglbERt9XIjhtr djb9WKbeVs4Vfv4OD+VJAxUnuBjJFzuIIuGmmNqdN9LbalsYM5fhrlAhyxWrU3it nI6BtH3/7EuaI6EABXobFgg7qTtZ+y+SWM68tFLG2B0J2cbCUnGswA9sX6CtCqna KD+EEd7K2zLw/8gNixtb/ZflsxFAocNTAqJKY1uZKoJHQziwLcWSL59OmcHjeooh GxnkjU9/nZf4ZKCT9GJ+QjnCtA+9VTGer7KugEh4EkbcLA4p+zaIEP2a2YfDdz1C X1wrXIRCSXFwZR0lXlcvsvNUk48s+aAy5k/14JIzg==
X-ME-Sender: <xms:BIP1WoARjEdAz0B1UnU9QjvkvWEUO-UlxcHxL24drXrDdtcdbPdD-Q>
Received: from [] (unknown []) by mail.messagingengine.com (Postfix) with ESMTPA id EEB6F102C1 for <ietf@ietf.org>; Fri, 11 May 2018 07:48:19 -0400 (EDT)
Content-Type: text/plain; charset="us-ascii"
Subject: Enabling DMARC workaround code for all IETF/IRTF mailing lists
Mime-Version: 1.0
To: ietf@ietf.org
From: Alexey Melnikov <aamelnikov@fastmail.fm>
Date: Fri, 11 May 2018 13:00:15 +0100
Content-Transfer-Encoding: quoted-printable
Message-Id: <919855CA-9F77-420A-8B8F-79174CD2FC19@fastmail.fm>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/fZzt1mhBPqxG93y05ruGmMey9x4>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 11 May 2018 11:48:22 -0000

Many of you have seen several long discussions thread about DMARC and how it affects use of IETF/IRTF mailing lists.

After testing DMARC workaround code written by Henrik Levkowetz on several high volume IETF and IRTF mailing lists (e.g. CFRG, WebRTC, DMARC, QUIC), the tools team and the IESG decided that Henrik's code should be deployed for all IETF and IRTF mailing lists. In particular the workaround allows people from DMARC p=reject domains to participate in IETF mailing lists, as well as to avoid the problem of recipients being unsubscribed from mailing lists. These 2 issues were the main reasons for developing the DMARC workaround code.

The workaround will be deployed today, May 11th.

Below are some technical details on how the email address rewriting workaround is going to work:

Emails from domains that don't have a p=reject DMARC setting are not going to be affected in any way.

For emails from p=reject domains:

- The From header field of such emails will be rewritten to be under @dmarc.ietf.org domain (which will have a p=none policy). For example, "alexey@example.com" email address would become "alexey=40example.com@dmarc.ietf.org". The original From header field will be preserved in the X-Original-From header field, which can be used for automatic message processing by Sieve and Mail User Agents.

Note that the mapping is reversible, so it is possible to send replies or new messages to an original sender by sending them to the corresponding mapped @dmarc.ietf.org email address.

Best Regards,