> On 7 Oct 2021, at 10:37, Alessandro Vesely <ves...@tana.it> wrote: > > On Thu 07/Oct/2021 09:48:12 +0200 Laura Atkins wrote: >>> On 7 Oct 2021, at 01:08, Scott Kitterman <skl...@kitterman.com> wrote: >>> On October 6, 2021 11:37:26 PM UTC, John Levine <jo...@taugh.com> wrote: >>>> It appears that Alessandro Vesely <ves...@tana.it> said: >>>>> Doug's emphasis on aliases tends to give that impression. Otherwise it >>>>> can finally be a much needed attempt at formalizing the old, known From: >>>>> rewriting. >>>> To point out what I would think is obvious, formalizing a bad idea doesn't >>>> make >>>> it any less bad an idea. >>> Agreed. >>> To give a specific example: >>> The mobile mail client I use (K-9 Mail) will either display friendly name >>> or email address. Due to the compact user interface, both isn't an option. >>> There's one Google Group I'm a member of with a number of users with DMARC >>> p=reject domains, so their addresses are rewritten to the list address. As >>> a result, when people don't bother to say who they are in a message, I end >>> up digging through the message header to find out who wrote it. >>> This is not a good user experience. It's not salvageable. >> Agreed. The other day I was trying to refer work to a colleague I’ve only >> really interacted with on a professional mailing list. Due to header >> re-writing and no email address in any other place in the email, I didn’t >> actually have a direct email address for her. >> It’s also become almost impossible to search for messages from some people >> in some clients because you can’t search on from: address any longer. >> These are usability and UX problems induced by DMARC. > > > What do we want to do, then?
I don’t know, honestly. Convince people to actually sign their emails and put .sig files in? There are multiple lists I’m on that has people who post and I have no idea who it is because they neither sign their messages nor include a .sig file and the list sets the reply-to: as back to the list. Implement a ‘original author / submittor’ header for mailing lists? It might be easier to update mailing list software to include a new header than trying to change every SMTP server out there. > Let's exclude, for the sake of reality, both dropping DMARC altogether and > stopping to use mailing lists. What realistic possibilities are there? If I had a realistic solution I’d have proposed it years ago. But just because I don’t have a solution doesn’t mean that any other solution is better than nothing. Sometimes proposed solutions compound the problem, not fix it. > ARC, when 60% of receivers will have (reliably) implemented it? This is not > more realistic than the Vernon's kook I cited upstream. > > After careful consideration, header re-writing doesn't have to imply no email > address in any other place. Savvy lists save the original From: in Reply-To: > or Cc:. If some lists don't do that, perhaps specifying how to re-write > From: can improve that condition, no? When everything is done well, it is > possible to unmunge From: and fully recover pre-DMARC functionality while > still enjoying DMARC checks. The avalanche has started, it’s too late for the pebbles to vote. > Do you see other possibilities? There are fewer legitimate intermediaries (although there is the inevitable long tail of older installations) than there are legitimate SMTP services. Fixing the mailing list problem by adding a new header to identify the original posters email address may be a better solution than codifying the horrible hack that is From munging / rewriting. laura -- Having an Email Crisis? 800 823-9674 Laura Atkins Word to the Wise la...@wordtothewise.com (650) 437-0741 Email Delivery Blog: http://wordtothewise.com/blog
_______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
