ietf-822
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [ietf-822] WSJ/gmail/ML, was a permission to...

2014-05-05 00:59:12
from [Brandon Long] [Permanent Link] 
On Sun, May 4, 2014 at 8:07 PM, Russ Allbery <eagle(_at_)eyrie(_dot_)org> wrote:


Ned Freed <ned(_dot_)freed(_at_)mrochek(_dot_)com> writes:


Now, it's entirely possible that it will be done in a way that leaves
DMARC intact. But it is also possible that it will be done in ways that
leave DMARC in tatters.



And I for one am having a lot of trouble mustering up any sympathy if we
end up with the latter.


+1

Right now, I consider breaking DMARC signatures to be a feature, not a
bug, and am acting accordingly in the maintenance of my mailing lists.
Users who want reliable mailing list service can use a non-broken email
provider.

If we come up with something better, I'm happy to consider it.  But I'm
not going to jump through hoops, or rewrite messages in broken and
deceptive ways, just because Yahoo and AOL had a security problem that
they want to externalize to the rest of the Internet.



I guess I just don't understand this sentiment.

The people who operate Yahoo/AOL have made this decision, and
"externalized" it to mailing list administrators.

Your choices are to route around the issue... or externalize the problem
yet again to the members of your lists.

You write as if changing email addresses or service providers is something
that people do at the drop of a hat, but it is not that way.

Or, we can hope that enough mailing list providers get together and stay
the course, break enough mail that Yahoo/AOL feels the pain and loses
customers or just plain feels the blow-back... but I see now indication of
that.  Heck, AOL saw the pain that Yahoo users were having and jumped right
in with their eyes open.

We talk on this list of possible solutions, but really, there are only two
that will work for mailing lists today: pass the messages through intact so
DKIM doesn't break, or modify the From header of the message.  Even if we
come up with a different solution, the time to implementation, and to
implementation by everyone who has adopted DMARC as is would be non-zero.

What is more important to your mailing lists, some historical formatting,
or the participation of your members?

Brandon

_______________________________________________
ietf-822 mailing list
ietf-822(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf-822
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [ietf-822] WSJ/gmail/ML, was a permission to..., Russ Allbery
Next by Date:  Re: [ietf-822] WSJ/gmail/ML, was a permission to..., Brandon Long
Previous by Thread:  Re: [ietf-822] WSJ/gmail/ML, was a permission to..., Russ Allbery
Next by Thread:  Re: [ietf-822] WSJ/gmail/ML, was a permission to..., Russ Allbery
Indexes:  [Date] [Thread] [Top] [All Lists]