On Sat 02/Jan/2021 19:47:18 +0100 John Levine wrote:
In article <8f438ed3-88cb-58dd-6a12-630e4000e...@tana.it>,
Alessandro Vesely <ves...@tana.it> wrote:
The entire problem with catering to the long tail is that it is holding hostage
better email security. We should stop doing that. There is no right to stasis
forevermore. If the scouts email breaks, they can get somebody to fix it. They
will thank us in the long run when scammers can't phish using them as a prop.
I agree too. I'm pretty sure there are more small organizations using
provider e-mail addresses than little private mail servers sending
less than 1000 messages a day, so let's declare both of those out of
scope. Or maybe not.
[...]
PS: This really is off in the weeds, isn't it?
I don't think so. There is a very practical outcome. We should expand Section
9.5, "Interoperability Issues" and say something actually workable. And its
referring to Section 5.2 of RFC 6377, "DKIM Author Domain Signing Practices",
has done its time and can be dropped.
I recall that MLMs were involved in a discussion about DMARC mitigation
here[*], before From: rewriting started to take root. Perhaps, things happened
that way because, after all, IETF's own mailing lists were affected.
Conversely, we never addressed the Girls Scout troops problem.
Now, MLMs work well even though From: rewriting isn't standardized yet, while
ESPs apparently didn't get that hint. Therefore we should describe From:
rewriting (and possibly some other workarounds of those) in Section 9.5 of
dmarcbis, so that everybody knows. BTW, that's our chance to say /how/ to
rewrite From:.
We should also encourage large free-mailbox providers to publish selectors with
trusted ESPs' public keys. Unlike MLM transformations, ESP messages cannot be
authenticated by other means.
Best
Ale
--
[*] dmarc-ietf] IETF Mailing Lists and DMARC
Cullen Jennings, Wed, 02 November 2016 16:00 UTC
https://mailarchive.ietf.org/arch/msg/dmarc/2uVZ0BVpGoXSviXZxhU-G0sDSNc/
_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc
