Spamhaus and SURBL both publish a domain blocking list, this is enough to use to block emails that went through bad domains (as per ARC custody chain)
Of course, this has to be built into the MTA, but it is all opensource, it is not out of reach, just volunteers and work... On Mon, Feb 15, 2016 at 3:00 PM, Scott Kitterman via dmarc-discuss < dmarc-discuss@dmarc.org> wrote: > The difference in this case is one, maintaining a Wordpress site, requires > a > lot of vigilance, but no information/data that's not publicly available. > To > the extent ARC is useful to mitigate the DMARC mailing list issue, it's > only > useful with additional data inputs that are not public and are not feasible > for small providers to generate on their own. > > It's the difference between can, but often shouldn't and can't. > > I'll stop here though, the horse was probably dead a few mails ago. > > Scott K > > On Monday, February 15, 2016 02:11:57 PM Al Iverson via dmarc-discuss > wrote: > > Scott, I don't really see any difference in the class of problem. You > could > > choose to outsource email it to Google Apps or Microsoft Office 365 if > you > > don't want to figure this stuff out yourself. Many do, from SMB to > > enterprise level, even though email is core to just about every company's > > business. For some, that's very much the reason to job it out to a > company > > who focuses on email as an area of expertise. > > > > On the flip side, I disagree with regard to your take on running a blog. > > Anybody can do it, but many people outsource that as well. I personally > > host my blog with a third party service, because self-hosted Wordpress is > > one of the most hacked into things out there and I want no part of that > > noise, even though in theory I could handle it. I know I'm not the only > > one, and just about anything in this paragraph could similarly apply to > > email. > > > > Regards, > > Al Iverson > > > > > > -- > > Al Iverson - Minneapolis - (312) 275-0130 > > Simple DNS Tools since 2008: xnnd.com > > www.spamresource.com & aliverson.com > > > > On Mon, Feb 15, 2016 at 1:35 PM, Franck Martin via dmarc-discuss < > > > > dmarc-discuss@dmarc.org> wrote: > > > ARC purpose is to say when DMARC fail and the email should be rejected > > > that it is ok to let it through. As such there is no scale problem and > > > anyone can do it. > > > > > > If email is your core business, then complaining you have to do some > work, > > > will not give any sympathy. > > > > > > On Mon, Feb 15, 2016 at 11:17 AM, Scott Kitterman via dmarc-discuss < > > > > > > dmarc-discuss@dmarc.org> wrote: > > >> That's a totally different class of problem. Any competent sysadmin > with > > >> some > > >> time can maintain a CMS based web site (e.g. Wordpress). The fact > that > > >> so > > >> many are not competently managed is a function of capability and > > >> willingness > > >> to do a little work, not a function of inadequate scale. > > >> > > >> Also, following that example, I choose to blog on wordpress.com, > > >> specifically > > >> so I don't have to worry about such things, but the blog isn't a core > > >> business > > >> function, so that's fine. Email is more important, so I care more how > > >> and > > >> where it gets done. > > >> > > >> Scott K > > >> > > >> On Monday, February 15, 2016 10:56:57 AM Franck Martin via > dmarc-discuss > > >> > > >> wrote: > > >> > Yes it is a "you have to be this tall to ride with us". For > instance, > > >> > > >> many > > >> > > >> > Wordpress sites are on URL blocking lists, because the managers > cannot > > >> > > >> keep > > >> > > >> > with basic security updates. So if you want to host a website, you > have > > >> > > >> to > > >> > > >> > be that tall to ride with us (or find a hosting company, that will > give > > >> > > >> you > > >> > > >> > a child seat) > > >> > > > >> > The mail ecosystem is going this way too. The tools are opensource, > > >> > available to all, but you need to deploy them and maintain them. > > >> > > > >> > The spat of serious data breaches because of email, is making all > of us > > >> > very nervous that kids can create so much havoc so easily... > > >> > > > >> > On Sun, Feb 14, 2016 at 11:27 PM, Roland Turner via dmarc-discuss < > > >> > > > >> > dmarc-discuss@dmarc.org> wrote: > > >> > > Scott Kitterman wrote: > > >> > > > It would be nice if we didn't design standards that only worked > at > > >> > > > a > > >> > > > > >> > > certain > > >> > > > > >> > > > scale. "You must be this tall to ride" worries me. > > >> > > > > >> > > There's nothing about ARC that is scale-specific, except for the > > >> > > >> obvious > > >> > > >> > > observation that there's a batteries-not-included problem, so the > > >> > > >> analysis > > >> > > >> > > work required to make good use of it as a receiver is likely to be > > >> > > infeasible for smaller receivers meaning that: > > >> > > > > >> > > - initially only larger receivers will do it, and > > >> > > - if it works then, over time, vendors/developers will embed > > >> > > >> slow-moving > > >> > > >> > > pieces in products and/or reputation data providers will add > faster > > >> > > >> moving > > >> > > >> > > pieces to their services. > > >> > > > > >> > > This is just a diffusion process, not an exclusion of smaller > > >> > > players. > > >> > > Indeed, it would almost appear that you'd be happier if the big > guys > > >> > > >> had > > >> > > >> > > excluded smaller players from this initiative... > > >> > > > > >> > > I'd also point out that we spent most of a decade (2003 - 2011) > > >> > > >> wandering > > >> > > >> > > in a highly-inclusive -all/o=-/discardable wilderness. It took the > > >> > > >> world's > > >> > > >> > > most-heavily-phished organisation working directly with one of the > > >> > > big > > >> > > guys > > >> > > in private to get any purchase on the problem, and their > subsequent > > >> > > sharing > > >> > > of it (DMARC) to bring about progress more broadly. It would > appear > > >> > > >> that > > >> > > >> > > ARC is on a similar path to improving the situation for largest > > >> > > >> unresolved > > >> > > >> > > piece of the problem (supporting forwarding). This does suggest a > > >> > > >> general > > >> > > >> > > difficulty in using a consensus-driven process to devise > solutions, > > >> > > >> rather > > >> > > >> > > than merely refine/standardise/evolve them, however this does not > > >> > > seem > > >> > > like > > >> > > a reason for concern, it may simply indicate that we've gotten as > far > > >> > > >> as > > >> > > >> > > we > > >> > > can get at present with such processes. The important test when > > >> > > >> deciding > > >> > > >> > > whether to cooperate would appear to be whether the particular > > >> > > >> solution > > >> > > >> > > unduly benefits the big guys compared to other viable solutions > that > > >> > > >> are > > >> > > >> > > already known about. ! > > >> > > > > >> > > If there are none, then cooperating on ARC would appear to be a > > >> > > > > >> > > no-brainer. > > >> > > > > >> > > > Solving the mailing list 'problem' in a way that requires me to > > >> > > >> switch > > >> > > >> > > > to > > >> > > > gmail (or some other large scale provider) to get my list mail > > >> > > >> delivered > > >> > > >> > > is > > >> > > > > >> > > > worse than no solution at all for me. > > >> > > > > >> > > Obviously. This is not being proposed, see the comments about > about > > >> > > vendors/developers and reputation data providers. > > >> > > > > > _______________________________________________ > dmarc-discuss mailing list > dmarc-discuss@dmarc.org > http://www.dmarc.org/mailman/listinfo/dmarc-discuss > > NOTE: Participating in this list means you agree to the DMARC Note Well > terms (http://www.dmarc.org/note_well.html) >
_______________________________________________ dmarc-discuss mailing list dmarc-discuss@dmarc.org http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)
