Re: [Tools-discuss] DMARC handling default for IETF mailing lists?

Henrik Levkowetz <henrik@levkowetz.com> Thu, 11 April 2019 22:06 UTC

Hi Carsten,

On 2019-04-11 23:58, Carsten Bormann wrote:
> Hi Henrik,
> 
>> On Apr 11, 2019, at 23:28, Henrik Levkowetz <henrik@levkowetz.com> wrote:
>> 
>> Hi Carsten,
>> 
>> On 2019-04-11 22:13, Carsten Bormann wrote:
>>> I just configured a mailing list and noticed that the configuration selection
>>> 
>>> 
>>> Replace the From: header address with the list's posting address to mitigate issues stemming from the original From: domain's DMARC or similar policies. 
>>> (Details for from_is_list)
>>> No	Munge From	Wrap Message
>>> 
>>> 
>>> defaulted to “No”.  Does the list admin have to set this to “Munge From” manually?
>>> (We don’t want to do that with known DMARC-bad source addresses, I believe.)
>>> Or does “No” mean “Munge, if needed”?
>> 
>> I believe 'No' means "Don't Munge", and given that we are running a separate
>> DMARC workaround, I believe this should not be set by default.  
> 
> Ah, thank you.
> 
>> If you set
>> it, things should still work, but you'll replace our default DMARC workaround
>> with the Mailman approach.
> 
> Don’t want to do that.
> 
> So maybe the prompt in the config section could have a sentence of the form “Don’t enable this unless you know what you are doing; there is a separate DMARC workaround ongoing.”
> 
> Grüße, Carsten
> 
>> 
>> We're still hoping to be able to deploy ARC, which should be better than both
>> the current default workaround and the Mailman workaround.

I've suggested that as a local Mailman patch to our admins.

Best,

	Henrik

>> 
>> Best regards,
>> 
>> 	Henrik
>> 
>>> 
>>> Grüße, Carsten
>>> 
>>> ___________________________________________________________
>>> Tools-discuss mailing list
>>> Tools-discuss@ietf.org
>>> https://www.ietf.org/mailman/listinfo/tools-discuss
>>> 
>>> Please report datatracker.ietf.org and mailarchive.ietf.org
>>> bugs at http://tools.ietf.org/tools/ietfdb
>>> or send email to datatracker-project@ietf.org
>>> 
>>> Please report tools.ietf.org bugs at
>>> http://tools.ietf.org/tools/issues
>>> or send email to webmaster@tools.ietf.org
>>> 
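Added example, not part of the thread and not Mailman's own code: a Python approximation of what the three from_is_list choices quoted above ("No", "Munge From", "Wrap Message") do to a relayed post, with a DMARC alignment check on the result. The addresses, the helper names and the two-label organizational-domain shortcut are assumptions made for illustration; real relaxed alignment uses the Public Suffix List.

```python
import copy
from email.message import EmailMessage
from email.utils import formataddr, parseaddr

LIST_ADDR, LIST_NAME = "tools-demo@lists.example.org", "tools-demo"  # constructed
# Assumption: after the list edits the post, only the list's own SPF/DKIM
# identity still authenticates; the author's DKIM signature no longer verifies.
AUTHENTICATED = ["lists.example.org"]

def sample_post():
    """Constructed post from an author whose domain publishes p=reject."""
    msg = EmailMessage()
    msg["From"] = "Alice Example <alice@bank.example>"
    msg["Subject"] = "[tools-demo] hello"
    msg.set_content("hi\n")
    return msg

def apply_from_is_list(msg, mode, list_addr=LIST_ADDR, list_name=LIST_NAME):
    """Approximate the outgoing message for one from_is_list choice."""
    if mode == "No":
        return copy.deepcopy(msg)          # From: stays the author's address
    name, addr = parseaddr(str(msg["From"]))
    via = formataddr((f"{name or addr} via {list_name}", list_addr))
    if mode == "Munge From":
        out = copy.deepcopy(msg)
        del out["From"]
        out["From"] = via                  # list address replaces the author
    elif mode == "Wrap Message":
        out = EmailMessage()               # outer message sent by the list
        out["From"] = via
        out["Subject"] = str(msg["Subject"])
        out.set_content(msg)               # original kept as message/rfc822
    else:
        raise ValueError(f"unknown mode: {mode}")
    del out["Reply-To"]                    # simplification: author becomes Reply-To
    out["Reply-To"] = str(msg["From"])
    return out

def org_domain(domain):
    return ".".join(domain.lower().split(".")[-2:])   # shortcut, see lead-in

def dmarc_aligned(msg, authenticated=AUTHENTICATED):
    """True if the From: domain aligns with a domain that authenticated."""
    from_domain = parseaddr(str(msg["From"]))[1].rpartition("@")[2]
    return any(org_domain(from_domain) == org_domain(a) for a in authenticated)

if __name__ == "__main__":
    for mode in ("No", "Munge From", "Wrap Message"):
        out = apply_from_is_list(sample_post(), mode)
        print(f"{mode:13} From: {out['From']}  aligned={dmarc_aligned(out)}")
```

With "No" and no other workaround in place, a receiver enforcing the author's p=reject policy sees an unaligned From: domain, which is the failure that both the Mailman option and the separate workaround mentioned in the thread address.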