On Sun, Apr 9, 2023 at 2:07 PM Douglas Foster < dougfoster.emailstanda...@gmail.com> wrote:
> As an evaluator, what I can accept is that "Some intermediaries could be > allowed to make some changes y do want unrestricto messages, if I have a > list of intermediaries that should be allowed, sufficient reason to trust > what they propose to do, and a reliable way to identify them." I do > exceptions all the time. But lists don't want to make special > arrangements with evaluators, and don't want to make special arrangements > with senders. Apparently, lists don't even want to do rigorous > verification to ensure that a post comes from the purported subscriber. > But theted access to evaluators that filter based on simplistic triggers > like "p=reject". > I see two issues with this line of thinking: (1) "I do exceptions all the time" works when you are a relatively small operator with a relatively small user base for whom you need to configure exceptions. You can get away with doing those manually. What size staff do you imagine GMail would need to hire to investigate and configure manual exceptions on a timely basis for each time one of its billion-plus users wants to subscribe to a mailing list? The notion screams for automation, and automation screams for something deterministic or at least close to it upon which to base automated decisions. That last bit is what's missing here. (2) "But lists don't want to make special arrangements with evaluators, and don't want to make special arrangements with senders". They might, if there existed a reliable way to do so. How would you accomplish this in a way that prevents an attacker from making you think he's a list, and then sending whatever he wants from inside that trust boundary? I think evaluators SHOULD NOT block on simplistic rules like p=reject, > because a correct p=reject block requires follow-on work to block > everything else from that malicious source, and should not be done > incorrectly. They should review, either with pre-quarantine or > post-audit, which is what I do. I have no problem with > disposition=quarantine, even for p=none. I am obligated to protect my > users, while also obligated to provide my users the messages they need, not > the ones that are technically optimal I don't understand why Big Tech and > its A.I. tools cannot be deployed to do the best thing. > I'm pretty sure they could, for their own use cases. But what about the operators in between, who aren't Big Tech and don't have AI tools? A standard has to work for everyone. -MSK, participating
_______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
