Re: DMARC from the perspective of the listadmin of a bunch of SMALL community lists Fri, 18 April 2014 15:04 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id 8C2A91A0152 for <>; Fri, 18 Apr 2014 08:04:10 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -0.774
X-Spam-Status: No, score=-0.774 tagged_above=-999 required=5 tests=[BAYES_05=-0.5, RP_MATCHES_RCVD=-0.272, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id xMQSoP5yPDqA for <>; Fri, 18 Apr 2014 08:04:06 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id EC27B1A01AF for <>; Fri, 18 Apr 2014 08:04:05 -0700 (PDT)
Received: from by (PMDF V6.1-1 #35243) id <> for; Fri, 18 Apr 2014 07:58:57 -0700 (PDT)
MIME-version: 1.0
Content-type: TEXT/PLAIN; CHARSET=iso-8859-1; format=flowed
Received: from by (PMDF V6.1-1 #35243) id <> (original mail from for; Fri, 18 Apr 2014 07:58:51 -0700 (PDT)
Message-id: <>
Date: Fri, 18 Apr 2014 07:47:22 -0700 (PDT)
Subject: Re: DMARC from the perspective of the listadmin of a bunch of SMALL community lists
In-reply-to: "Your message dated Thu, 17 Apr 2014 21:28:43 -0700" <>
References: <> <> <> <> <> <> <> <> <> <>
To: Doug Barton <>
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Fri, 18 Apr 2014 15:04:11 -0000

> On 04/17/2014 07:41 AM, wrote:
> > I also find it particularly revealing that one of the arguments being
> > made here is along of the lines of, "Everything else has had to
> > change, why are those stodgy old mailing list thingies somehow
> > exempt?" Except that's not it at all - the approach was always
> > essentially, "We're going to screw you, how about you do X or Y to
> > mitigate the damage a little?" To which the answer, predictably, was
> > less than enthusiastic.

> Another way to look at this is that the IETF, which ostensibly is
> interested in "input from operators," received pretty clear "input" from
> the operators of the largest mail systems on the planet, and
> collectively stuck their fingers in their ears and sang "la la la la la,
> I can't hear you" because it didn't like what was being said.

... except that would be wildly incorrect. In particular, the "operator
community" consists of a lot more than just the proponents of DMARC. Many of
those other operators - including some of comparable size - are now struggling
to deal with the consequences of DMARC.

> The message was pretty clearly, "We think DMARC is valuable enough to us
> that we plan to deploy it even though it has the unfortunate side effect
> of causing problems for mailing lists."

Allow me to rephrase: "We think getting our commerical mail through is worth
sacrificing all sorts of personal mail functionality users depend on. And we
don't care who it hurts, including some shops as large or larger than we are."

> Rather than throwing up our
> hands and telling the DMARC folks that we refuse to work with them
> unless their solution solves the problem of our anachronistic use case
> that that constitutes only a tiny percentage of their overall traffic;

Again with the traffic size as justification for poor behavior. Not all
messages are created equal, and some functions have utility entirely
disproportionate to the amount of bandwidth they use.

> a more rational approach would have been to recognize that the tail is not
> going to wag the dog here and start working with mailing list authors to
> solve the problem of how to live in a world that includes DMARC.

And suppose that would have required some tweaks to DMARC and maybe even
DKIM to accomplish. What part of "no changes" is hard to understand?

> When people talk about how the IETF is out of touch with the operator
> community and increasingly irrelevant, this is exactly the kind of thing
> that they are talking about. We ignore this lesson at our peril.

Well, here we sort of agree. The IETF is indeed out of touch with the operator
community. But not because it fails to talk to the DMARC proponents - which it
actually does do - but rather because it fails to talk to lots of other