ietf
[Top] [All Lists]

Re: DMARC and ietf.org

2014-07-20 16:42:17
Brian E Carpenter wrote:

Michael Richardson wrote:

Regardless of how/if/why/when we process DMARC as a specification,
we need to decide how ietf.org MTA is going to deal with things.

I thought the preferred solution was to rewrite the From for
those users only.

Sound like a reasonable approach to me.


Hector Santos wrote:

-1.

Its not the preferred solution. Not one iota. Please don't endorse 
this radical "email game changing" behavior.  Since you are among the 
"top IETF key cogs," if its preferred among the IETF key cogs, as you 
are making it sound, then this is not good at all. It would be a 
serious "game changer."  It goes to show how much the IETF really 
cares about the concerns for the wider and entire mail networking 
community which is obviously becoming less and less. It will set a 
terrible precedence and obvious security loophole if you crack open 
this door.  The "From" could never be trusted again and the new 
algorithms necessary to separate and categorized the good from the 
bad, will be overwhelming and complex at all levels.

Plus, if you ask and explore the risk and liability issues with your 
chief council, you could be playing with fire here. I wouldn't do it. 
Bad idea.

I don't have the slightest idea what you're talking about.

Mailing lists @ietf.org are proper recipients of EMail, and ietf.org
has discretion to modify what it receives before it distributes
postings in new and seperate SMTP transactions to mailiing list recipients.

Knowing that some recipients (or more appropriately the relays that
take mail for these recipients) will choke on rfc5322-from with
mailboxes for which DMARC policies have been published, the ietf.org
mail exploder could decide to either reject postings, or to remove
or modify the information that is known to cause that choking.

Removing/replacing or rewriting offending mailboxes in rfc5322-from
would all be perfectly acceptable solutions to the problem that
minimize the impact on users (not require them to get a new mail
account from a more interoperable mail provider).
The fact that From: has traditionally been carried through was
to provide convenience to the mailing list subscribers and to
facilitate recognizing the (alleged) authorship of the contents. 


-Martin

<Prev in Thread] Current Thread [Next in Thread>