Question below
On 2/28/2017 11:49 PM, Theodore Ts'o wrote:
On Tue, Feb 28, 2017 at 05:29:24PM -0300, willi uebelherr wrote:
related to the problem, what Khaled explained, what is your proposal?
What are your "compatible with internet mailing lists" mail systems?
RFC 2821, Simple Mail Transfer Protocol, section 3.10.2
"To expand a list, the recipient mailer replaces the
pseudo-mailbox address in the envelope with all of the expanded
addresses. The return address in the envelope is changed so that all
error messages generated by the final deliveries will be returned to
a list administrator, not to the message originator, who generally
has no control over the contents of the list and will typically find
error messages annoying."
This is the SMTP Envelope From field. The FROM field is not changed,
but the SMTP return address is changed, so that bounces go to the
mailing list administrator as opposed to the person who sends mail to
the mailing list.
Unfortunately, if you are using a system whose domain requests that
all recipients enforce DMARC alignment, this specifically instructs
recipients to bounce mail if the SMTP Envelope return address doesn't
match the FROM field in the header. This means that they won't see
mailing list mail as defined by the IETF Standards Track RFC 2821,
which specifically says that is acceptable (and in fact a good thing)
to change the SMTP envelope return address so that bounces (caused by
people changing where they work, etc.) go to an administrator who can
deal with them. But if the mailing list administrators gets too may
bounces, and it's because the sending domain is requesting that mail
be bounced, the only thing they can do is to unsubscribe the sender or
the recipient.
Hence mailing list systems that enforce DMARC, or request DMARC
processing, are fundamentally incompatible with mailing lists as
defined by section 3.10.2 of RFC 2821.
If you want to participate in such mailing list, one of the best ways
is to change to a mailing list system that doesn't do DMARC.
Best regards,
- Ted
Thanks for the clear description of the problem - I admit that I got a
similar one from folks at the Seoul IETF.
In the short term, one thing I think would be helpful is to identify for
the IETF participants which email providers are known to use DMARC and
maybe also a list of providers that are known not to. Maybe add it to
the IETF mailing list page at https://www.ietf.org/list/ with an
explanation of what's been happening.
Mike