ietf
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: DMARC and ietf.org

2014-07-22 12:28:37
from [Hector Santos] [Permanent Link] 


On Jul 22, 2014, at 9:30 AM, Viktor Dukhovni 
<ietf-dane(_at_)dukhovni(_dot_)org> wrote:


On Sun, Jul 20, 2014 at 09:26:45AM -0400, Michael Richardson wrote:

Regardless of how/if/why/when we process DMARC as a specification, we need to
decide how ietf.org MTA is going to deal with things.


For what it is worth the postfix-users and postfix-devel mailing lists
don't have any DMARC issues.  Long before DMARC, when DKIM was still
an IETF draft, these lists were changed to not modify the message body
or subject line in any way (no footers and no subject tags).


But this is a list service option.  I can't enforce one way or another for list 
operators to set their list up.  The default is to add a footer from a default 
template.  Can I change the default for future updates?   Sure, but that will 
violate a long term "no surprise" support principle for justifying automated 
updates (and the maintenance fees) and this would fall under a big surprise 
category.  

There are many list that desire the system level footer information, i.e. the 
note well for the IETF lists.   And I believe, needs to be double checked, 
there are some jurisdictions where is it legally required, i.e. CAN-SPAM.   The 
DMA I believe also expects it of it's member for community friendly spamming.  
Overall, this is not something that can be universally applied.


Rather, the lists only append "List-foo" headers, add a "Sender:"
header and otherwise forward the original message unmodified with
a new envelope.  The result is that the author DKIM signature
remains valid if present.


In my assessment, this is a migration issue, restrictive domains need to be 
cleaned up from list databases.   More importantly, I think it is a mistake to 
try to kludge around a DMARC specification that is protocol-incomplete.  DMARC 
needs to get fixed first to support 3rd resigners and then we can better 
evaluate how a list system fits.  Right now, there are no options which has 
created a "chaotic hysteria" to rewrite authorship domains.  But even when 
fixed, at end of the day, there will always be restrictive domains with an ADMD 
mandate for exclusive mail domain operations and regardless of the amount,  
their policies must be honored. 

--
Hector Santos
http://www.santronics.com
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Moderation on ietf(_at_)ietf(_dot_)org, Dave Crocker
Next by Date:  Re: Moderation on ietf(_at_)ietf(_dot_)org, Ted Lemon
Previous by Thread:  Re: DMARC and ietf.org, Viktor Dukhovni
Next by Thread:  Re: DMARC and ietf.org, John Levine
Indexes:  [Date] [Thread] [Top] [All Lists]