Re: DMARC: perspectives from a listadmin of large open-source lists

Douglas Otis <> Tue, 15 April 2014 00:45 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id 0D9F41A06A6 for <>; Mon, 14 Apr 2014 17:45:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id gNtM57pGY-va for <>; Mon, 14 Apr 2014 17:45:48 -0700 (PDT)
Received: from ( [IPv6:2607:f8b0:400e:c03::236]) by (Postfix) with ESMTP id 5B97B1A069E for <>; Mon, 14 Apr 2014 17:45:48 -0700 (PDT)
Received: by with SMTP id lf10so8946490pab.13 for <>; Mon, 14 Apr 2014 17:45:45 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20120113; h=content-type:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=YJL00wi/zZ9mleykhxoj92IhrwIMUe/xcOcslcFZoZc=; b=bUZzuTA+pMxdfEPIyddzgA2j1ZCEREui5KFByhZrwRj5LWd+4KDsDNt7hadgiKyAD7 3yg4UNVUd1Lw1I6YNmDyCGbB9tis+ASbriQjpqO8Em4+2C6mdhE2dkxz9ZTeUncYPevT k23qq6eN0u8v/ZftwVU2GH9iZFU5mCr0EA6rBKKqBrIE8pCCwNlZh+E7pwUAMCWQ8b0Z tDX4ELYgQN/6Dn5DLTi87PoeXZXBkVlYDsIqZiu0+LIdG9a/GLxMi2FEzH+MN21O2l/C DnXj4w72I6LeYg+dL40L+J9V3FrGBhKZOLsBWqN8dpUY0O9gbGZFAfrwQ+HT2eXRThq7 gP3A==
X-Received: by with SMTP id ng10mr47345581pbc.95.1397522745803; Mon, 14 Apr 2014 17:45:45 -0700 (PDT)
Received: from ( []) by with ESMTPSA id i10sm87114465pat.36.2014. for <multiple recipients> (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Mon, 14 Apr 2014 17:45:44 -0700 (PDT)
Content-Type: text/plain; charset=us-ascii
Mime-Version: 1.0 (Mac OS X Mail 7.2 \(1874\))
Subject: Re: DMARC: perspectives from a listadmin of large open-source lists
From: Douglas Otis <>
In-Reply-To: <>
Date: Mon, 14 Apr 2014 17:45:45 -0700
Content-Transfer-Encoding: quoted-printable
Message-Id: <>
References: <20140414024956.26078.qmail@joyce.lan> <> <alpine.BSF.2.00.1404132327560.26258@joyce.lan> <> <alpine.BSF.2.00.1404132346420.26386@joyce.lan> <> <> <> <> <> <> <> <>
To: "Murray S. Kucherawy" <>
X-Mailer: Apple Mail (2.1874)
Cc: ietf <>
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 15 Apr 2014 00:45:50 -0000

On Apr 14, 2014, at 5:11 PM, Murray S. Kucherawy <> wrote:
> I don't have any idea how to retroactively fix all of that, and I suspect it would be another rat-hole to try.  What I'd really like to talk about is where we go from here.

Dear Murray,

Perhaps the IESG now has more of an open mind regarding risks associated with an "authoritative"  domain responding to a query about a third-party domain impacting the delivery of their users email.  

I'll be happy to re-write the ATPS or ATP draft to offer a simpler, deployable, and functional version able to support aggregated listings.  Brian has already asked that this not be done as an individual submission.  It seems fruitless trying to motivate bulk senders or large ISPs into addressing this problem.  This is something the "email community" needs to solve.  At most, it should involve a simple reference to a ATP listing domain.

1) make use of existing authentication schemes, not just DKIM.
2) always generate consistent labels to ensure fewer community conflicts.

Douglas Otis