Return-Path: X-Original-To: tools-discuss@ietfa.amsl.com Delivered-To: tools-discuss@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6D394C1D4A9B for ; Wed, 3 Jul 2024 14:27:29 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -7.107 X-Spam-Level: X-Spam-Status: No, score=-7.107 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=sandelman.ca Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xgeAWAeY_P8u for ; Wed, 3 Jul 2024 14:27:25 -0700 (PDT) Received: from tuna.sandelman.ca (tuna.sandelman.ca [IPv6:2607:f0b0:f:3:216:3eff:fe7c:d1f3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6AB19C1D4A7E for ; Wed, 3 Jul 2024 14:27:25 -0700 (PDT) Received: from localhost (localhost [127.0.0.1]) by tuna.sandelman.ca (Postfix) with ESMTP id 9DB173898B for ; Wed, 3 Jul 2024 17:27:24 -0400 (EDT) Received: from tuna.sandelman.ca ([127.0.0.1]) by localhost (localhost [127.0.0.1]) (amavisd-new, port 10024) with LMTP id 48aAwkwqBaZi for ; Wed, 3 Jul 2024 17:27:23 -0400 (EDT) Received: from sandelman.ca (obiwan.sandelman.ca [IPv6:2607:f0b0:f:2::247]) by tuna.sandelman.ca (Postfix) with ESMTP id 51E6D38988 for ; Wed, 3 Jul 2024 17:27:23 -0400 (EDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sandelman.ca; s=mail; t=1720042043; bh=VbR2XL0947kSQMgxlafeZZmfQdzElHctgy/BJ42X13E=; h=From:To:Subject:Date:From; b=N7wYAfhEcGe0z0ClTiNgB6dQCBsMpOvKpPozWy+8VvKGYodeEWpqsy+0YqiFAs9bF nmKpfclpsaul7Rhj6dBzOAWDOmQjZn63eFo10BnVP9Pk1nUpPoUpbJ9HKlK6x1/6gp bHO23syBm8X7c4t9ybSLC5EmZ24/FRq9pWP1/fbwnGmMkttiARXNwtmO0H9nbpYhmF /9rtJwI/yFuOYSV5vwFymY3tB9aq7lgtJ99I8/+uuVfYQ/dOovOoT5Iqv9RIIM2fJO hqTJ4JYVPXpIG07kh0m2ONvUaFfV+5HMu/ZhO4gR/r76mvzjhLXmCTcJhn//v802Az AaWdeuYl4lrTg== Received: from obiwan.sandelman.ca (localhost [IPv6:::1]) by sandelman.ca (Postfix) with ESMTP id 4775B158 for ; Wed, 3 Jul 2024 17:27:23 -0400 (EDT) From: Michael Richardson To: tools-discuss@ietf.org X-Attribution: mcr X-Mailer: MH-E 8.6+git; nmh 1.8+dev; GNU Emacs 28.2 X-Face: $\n1pF)h^`}$H>Hk{L"x@)JS7<%Az}5RyS@k9X%29-lHB$Ti.V>2bi.~ehC0;<'$9xN5Ub# z!G,p`nR&p7Fz@^UXIn156S8.~^@MJ*mMsD7=QFeq%AL4m Message-ID-Hash: U27WSQYNW35ZV6WCPITSY3WHFO3AXLEY X-Message-ID-Hash: U27WSQYNW35ZV6WCPITSY3WHFO3AXLEY X-MailFrom: mcr+ietf@sandelman.ca X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-tools-discuss.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header X-Mailman-Version: 3.3.9rc4 Precedence: list Subject: =?utf-8?q?=5BTools-discuss=5D_draft_and_author_aliases_VS_SES?= List-Id: IETF Tools Discussion Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: --=-=-= Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Last I checked aliases, like: draft-ietf-cellar-codec@ietf.org were not DMARC protected. When I email to them, the From: is not rewritten to deal with DMARC issues, so it goes out claiming a From: which appears to be IETF impersonate the original sender. I don't know how (Amazon) SES works, but I would assume that there is some kind of IP-address and/or SMTP Authenticated mechanism by which SES accepts emails from the IETF machines. Then, in order for SES to protect Amazon fr= om endless spam attacks, that it then does some authentication of headers to make sure that we aren't trying to impersonate another sender. So I think that we can't switch over to SES until we have DMARC-safed all o= ur aliases, and I understood that was a post-mailman3 switch activity. {I would keep IETFA alive at the addresses it has, and smarthost everything there from the new infrastructure. Maybe a fresh install is in order, but whatever. But, just for long enough to do the alias work} =2D- Michael Richardson . o O ( IPv6 I=C3=B8T consulti= ng ) Sandelman Software Works Inc, Ottawa and Worldwide --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQFKBAEBCgA0FiEEbsyLEzg/qUTA43uogItw+93Q3WUFAmaFwjsWHG1jcitpZXRm QHNhbmRlbG1hbi5jYQAKCRCAi3D73dDdZbAkB/47talPWaPFTMCPmGWJCY9dP1T6 gXXSRW5PegskzoJeoawVtFY2zqbjCwyweBNqFSZyV5qb/xnSoQA5DWq6U32S8yld qYv+e5uM3ZO3/IkFley0xBJ+uOGvZXD1J9LhvYNIIM6oQAOcUXx3jKwQWyyl6Kme 1W4Q+9bVIGcm1xLRCgroKKAV2l/Nh19qx+EEBL1MYdtK8vGQXu4DTz5ooZ6mpjHe jT6tUDmG+YJCBboyXRorS5BSfpE6SPH0Qw0vY3s9cRVew8CaxIRofgtCCFauQPLU Dle8Rp4HTMqkFpE640X9QdBKoipcsCfgbbcQgk9N54qgW7ZmFs7d0Xz585cO =RPrr -----END PGP SIGNATURE----- --=-=-=--