Re: Enough DMARC whinging

Hector Santos <hsantos@isdg.net> Thu, 01 May 2014 18:44 UTC

Message-ID: <536295F1.5030403@isdg.net>
Date: Thu, 01 May 2014 14:44:01 -0400
From: Hector Santos <hsantos@isdg.net>
Organization: Santronics Software, Inc.
To: ietf@ietf.org
Subject: Re: Enough DMARC whinging
References: <20140501164852.67665.qmail@joyce.lan>
In-Reply-To: <20140501164852.67665.qmail@joyce.lan>
Archived-At: http://mailarchive.ietf.org/arch/msg/ietf/ihR_y9NxtWzJpwFFtXAuQVu32wQ
List-Id: IETF-Discussion <ietf.ietf.org>

On 5/1/2014 12:48 PM, John Levine wrote:
>> Note that historically, mailing list operators have been resistant to
>> the imposition of technical or operational changes.
>
> I think you're overstating things a little.  I am very unsympathetic
> to changes that would require retraining all my users, e.g., putting
> the list address on the From: line.  Technical changes that don't mess
> up the users are no more of an issue than any other software upgrade
> is to a small volunteer site.  In particular, I've never seen anyone
> opposed to adding DKIM signatures to help recipient systems recognize
> the lists.

Don't confuse silence with agreement.

Nonetheless, there have been new mail-security-related world needs for
a long time now, and everyone has to adjust too.  That includes
Mailing List Server software developers and list operators, especially
when you want to change it for re-signing and totally ignore the 9+
years of Author Domain signature protection methodologies.  That's pure
ignorance of mail integration needs. You changed the list system by
adding DKIM.  That comes with baggage you refused to deal with.

All software product developers, commercial or otherwise, for many
list operations, not just one list operator with his own deployment
views, but all of them, have to support and honor DKIM signing policies
as well.  I personally MUST because it's the sound mail engineering
thing to do, but I'm happy with a SHOULD. However, you have been
preaching MUST NOT, and this is not right.

You can't have it both ways, John.  MLS software also must ADAPT or
they are just as bad as the bad guys using legacy mail software or legacy
methodologies with the idea that backward compatibility will always
be available to sneak in with.

With DKIM, we raised the bar; the only way to protect the signature is
with an originating author domain policy method.

The industry has forced the issue, John, and I happen to believe it was
the right way to do it to begin to address the massive abuse of aged,
spam-polluted domains.

-- 
HLS