We do appear to be spinning our collective wheels on this. Before
getting into substance concerns (e.g. proposed text), what has to happen
for FAQ text to change. In particular:
* Who has update rights?
* What has to happen before he/she/they will amend the FAQ? (e.g.
consensus on this list, consensus amongst dmarc.org signatories,
something else?)
- Roland
On 12/27/2013 10:27 AM, Terry Zink wrote:
Maybe an update to the DMARC FAQ's would be useful here about how to work
around this?
http://dmarc.org/faq.html#s_3
http://dmarc.org/faq.html#r_2
-- Terry
-----Original Message-----
From: [email protected]
[mailto:[email protected]] On Behalf Of Al Iverson
Sent: Friday, December 20, 2013 2:26 PM
To: DMARC natterage
Subject: Re: [dmarc-discuss] the endless list argument, was Opinions, Please?
I found it trivial to modify my own mailing list software to simply rewrite the From header so that
the sender and visible from are "the list" instead of "the person." That way
the list domain's reputation and policy apply, not the poster's. I recognize that John abhors this
as a solution, but I do want to remind folks that there are other options to make everything play
together nicely, if desired. Time will tell with regard to what ends up getting most often adopted.
Regards,
Al Iverson
On Fri, Dec 20, 2013 at 2:32 PM, John R Levine <[email protected]> wrote:
I don't follow your logic John. Why would the DMARC policy of one
domain affect the health of the mailing list for subscribers from other domains?
One user, who we'll call Mason, is a subscriber to the list. Another
user, who we'll call Franck, subscribes from an address with p=reject.
Franck sends a few messages to the list. The list adds a subject tag
or message footer which breaks the DMARC signature, and it remails the
message with the list's bounce address, so DMARC fails. Mason's mail
system checks DMARC on the incoming list mail, finds that Franck's
DMARC says to reject it, so it rejects it. After a couple of
rejections, the list's automatic bounce handling removes Mason from the list.
Oops.
This isn't hypothetical -- back when ADSP was new, a couple of
overenthusiastic implementations of ADSP bounced people off the IETF's
mailing lists exactly this way.
The obvious defense is for list software to check Franck's DMARC on
incoming mail and not to accept his mail if it says p=quarantine or
p=reject. I've already adjusted my lists to do that. It turned out
to be a one-line config fix in majordomo2.
R's,
John
PS: If anyone is going to suggest that list software needs to be
rewritten not to break DKIM signatures, please don't. We've had that
argument many times already, list software isn't broken, and it ain't going to
happen.
_______________________________________________
dmarc-discuss mailing list
[email protected]
http://www.dmarc.org/mailman/listinfo/dmarc-discuss
NOTE: Participating in this list means you agree to the DMARC Note
Well terms (http://www.dmarc.org/note_well.html)
--
Al Iverson | Chicago, IL | (312) 725-0130
Twitter: @aliverson / www.spamresource.com
_______________________________________________
dmarc-discuss mailing list
[email protected]
http://www.dmarc.org/mailman/listinfo/dmarc-discuss
NOTE: Participating in this list means you agree to the DMARC Note Well terms
(http://www.dmarc.org/note_well.html)
_______________________________________________
dmarc-discuss mailing list
[email protected]
http://www.dmarc.org/mailman/listinfo/dmarc-discuss
NOTE: Participating in this list means you agree to the DMARC Note Well terms
(http://www.dmarc.org/note_well.html)
--
Roland Turner | Director, Labs
TrustSphere Pte Ltd | 3 Phillip Street #13-03, Singapore 048693
Mobile: +65 96700022 | Skype: roland.turner
[email protected] | http://www.trustsphere.com/
_______________________________________________
dmarc-discuss mailing list
[email protected]
http://www.dmarc.org/mailman/listinfo/dmarc-discuss
NOTE: Participating in this list means you agree to the DMARC Note Well terms
(http://www.dmarc.org/note_well.html)
