Re: DMARC methods in mailman --- [LEDE-DEV] DMARC related mass bounces / disabled subscriptions (fwd) Jo-Philipp Wich: [LEDE-DEV] DMARC related mass bounces / disabled subscriptions

Harald Alvestrand <harald@alvestrand.no> Mon, 19 December 2016 08:12 UTC

Return-Path: <harald@alvestrand.no>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 84C0C129496 for <ietf@ietfa.amsl.com>; Mon, 19 Dec 2016 00:12:31 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5
X-Spam-Level:
X-Spam-Status: No, score=-5 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-3.1] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FvMGmoiaeqCJ for <ietf@ietfa.amsl.com>; Mon, 19 Dec 2016 00:12:29 -0800 (PST)
Received: from mork.alvestrand.no (mork.alvestrand.no [IPv6:2001:700:1:2::117]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3B3FB126B6D for <ietf@ietf.org>; Mon, 19 Dec 2016 00:12:29 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by mork.alvestrand.no (Postfix) with ESMTP id A4B527C440B for <ietf@ietf.org>; Mon, 19 Dec 2016 09:12:27 +0100 (CET)
X-Virus-Scanned: Debian amavisd-new at alvestrand.no
Received: from mork.alvestrand.no ([127.0.0.1]) by localhost (mork.alvestrand.no [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DEILU5L6ECWO for <ietf@ietf.org>; Mon, 19 Dec 2016 09:12:26 +0100 (CET)
Received: from [IPv6:2001:470:de0a:1:78c7:1f06:7b59:e7f3] (unknown [IPv6:2001:470:de0a:1:78c7:1f06:7b59:e7f3]) by mork.alvestrand.no (Postfix) with ESMTPSA id 44B997C43BE for <ietf@ietf.org>; Mon, 19 Dec 2016 09:12:26 +0100 (CET)
Subject: Re: DMARC methods in mailman --- [LEDE-DEV] DMARC related mass bounces / disabled subscriptions (fwd) Jo-Philipp Wich: [LEDE-DEV] DMARC related mass bounces / disabled subscriptions
To: ietf@ietf.org
References: <25431.1481725548@obiwan.sandelman.ca> <5EF6F271-1CF7-4981-8E83-C7A7B49DB8F2@gmail.com> <CDE8A76C-ECD7-4370-9823-3C78144A8850@nohats.ca> <24005.1481827604@obiwan.sandelman.ca> <alpine.LRH.2.20.1612151513060.15183@bofh.nohats.ca> <20161216202704.glz5vgu773gqqgvm@thunk.org> <20161216203905.GD13486@mournblade.imrryr.org> <01Q8KHVOKE2C011H9Q@mauve.mrochek.com> <m21sx6u8sb.wl-randy@psg.com> <6D2E8F8E-1B02-46EA-B202-D23E5385CFF5@gmail.com> <20161217151451.hx5co6mjqmi2jakg@thunk.org> <13749.1482005985@dooku.sandelman.ca> <fe75a2a0-6127-d29a-8259-a82ddbbc966f@gmail.com> <15836.1482113947@obiwan.sandelman.ca>
From: Harald Alvestrand <harald@alvestrand.no>
Message-ID: <7ef5815c-e4b6-ef6e-4d64-c7288cead269@alvestrand.no>
Date: Mon, 19 Dec 2016 09:12:25 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.5.1
MIME-Version: 1.0
In-Reply-To: <15836.1482113947@obiwan.sandelman.ca>
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/qcc01Q9Ktx0ryp9OE18Vc_FInEo>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 19 Dec 2016 08:12:31 -0000

On 12/19/2016 03:19 AM, Michael Richardson wrote:
> Brian E Carpenter <brian.e.carpenter@gmail.com> wrote:
>     >> > Yeah, it's the "sometimes mail gets lost" problem which is the main
>     >> > issue.  So it might actually be better to have the mailing list
>     >> > software refuse to accept a mailing list posting from a domain with a
>     >> > DMARC record, and it can be bounced back to the sender immediately
>     >> > with a "sorry, try again using some e-mail address that does not have
>     >> > DMARC support".
>     >>
>     >> I really think that this is the right answer for our community.
>
>     > I don't. Accept the posting but also send a friendly warning seems to do less damage.
>
>     >> The DMARC policy is not to forward, and we should respect it.
>
>     > Why does DMARC, which is a broken solution, deserve that much respect?
>
> rfc7489 is Informational, via ISE. Not WG or IETF consensus, it's true.
> Perhaps the IESG should have blocked it, saying it was a run-around, I don't
> know.  Lots of people said it had these problems.
>
> The problem is that it has fundamentally changed how SMTP works (including
> SPF and DKIM as part of that "suite"), and it isn't even standards track!
>
> But, if we don't want to process it, then we need to do that in a way that
> does not cause people to be kicked off the mailing list.

The ISE mechanism exists to get things published that matter to the
Internet.
It was clear at the time DMARC was published that it would be used
whether it was published as an RFC or not. Publishing the document at
least gave us a stable reference to be angry at.

It would actually be harder to publish a document saying "DMARC is bad,
don't use it, use that other thing instead" if there was no stable
reference for what we mean by DMARC.

I'd describe the so-far inaction more as "shut your eyes and hope it
will go away when others figure out that the solution is bad" than as
"sitting on the fence". Didn't work any better, though.

>
>     >> When ARC gets standardized, we should implement it.
>
>     > Assuming it solves the problem, sure. But if it doesn't, the problem will
>     > get much worse.
>
> I have no idea if it will work, but at least, if we were respecting DMARC,
> then the large providers would have some incentive (if small) to make sure
> ARC will work, and will get implemented.
>
> --
> Michael Richardson <mcr+IETF@sandelman.ca>ca>, Sandelman Software Works
>  -= IPv6 IoT consulting =-
>
>
>


-- 
Surveillance is pervasive. Go Dark.