>I would love to see that list of multiple mitigations shared with the
>broader community. That would be useful information for people in the
>IETF, as well as other MLM teams not involved wherever those discussions
>occurred.
Your wish is our command:
http://wiki.asrg.sp.am/wiki/Mitigating_DM
>That's okay -- it was just a thought. However, note that not all MLMs
>are in as good a shape as GNU Mailman is, volunteer-wise. For *them*, it
>might be useful.
I wouldn't count on it. I did .invalid patches for majordomo2, which
is largely abandonware but still used a fair number of places.
Thanks for your comments Stephen.
On 5/31/14, 1:51 PM, Stephen J. Turnbull wrote:
Tony Hansen writes:
>> That doesn't help the DMARC situation now, but DMARC could be
>> given other options once that happens.
>
> I agree completely that a change to DMARC is needed in conjunction
> wit
On May 31, 2014, at 8:49 AM, Stephen J. Turnbull
wrote:
> Douglas Otis writes:
>
>> https://community.intuit.com/questions/899989-please-make-quickbooks-pass-the-dmarc-evaluation-please-do-this-quickly
>
> Grr. Doesn't describe the problem! Is it that a QuickBooks client
> using a mailbox a
J. Gomez writes:
> Users won't care about the politics of the email system, but about
> relevant and wanted email landing on their inbox -- hopefully in an
> easily readable manner.
If you have users like that, configure your lists accordingly. The
options are available (in GNU Mailman, at le
Douglas Otis writes:
> https://community.intuit.com/questions/899989-please-make-quickbooks-pass-the-dmarc-evaluation-please-do-this-quickly
Grr. Doesn't describe the problem! Is it that a QuickBooks client
using a mailbox at a "p=reject" domain is having QuickBooks send
invoices on their beha
Tony Hansen writes:
>> That doesn't help the DMARC situation now, but DMARC could be
>> given other options once that happens.
>
> I agree completely that a change to DMARC is needed in conjunction
> with having clear ML specs.
A change to the protocol? What? I don't see it. The protocol
On Saturday, May 31, 2014 2:18 PM [GMT+1=CET], Stephen J. Turnbull wrote:
> J. Gomez writes:
>
> > Furthermore, what is more important - to deserve or not to deserve
> > the prize of being sanctioned as kosher, or keeping a world-wide
> > system interoperable?
>
> In the face of bullying by larg
On Friday, May 30, 2014 18:46:45 Steven M Jones wrote:
> On 05/30/2014 10:20 AM, Scott Kitterman wrote:
> > On Friday, May 30, 2014 17:07:30 Elizabeth Zwicky wrote:
> >> On 5/29/14, 8:44 PM, "Scott Kitterman" wrote:
> >>> DMARC change is even more off the table than MLM software change
> >>
> >>
Elizabeth Zwicky writes:
> So changes that maintain effective protection for users who are
> being targeted by attackers with addressbook information, with less
> disruption to email that people want, are of great interest to us.
How about trying "p=quarantine" with a real short TTL just in ca
Brandon Long writes:
> 1) Reject posting from p=REJECT users
+1 <0.2 wink>
> It seems like [ignoring DMARC bounces when checking if the
> recipient is able to receive] should be relatively uncontroversial,
Mailman is already working on this. Unfortunately, some domains just
use a generic 5.
J. Gomez writes:
> Furthermore, what is more important - to deserve or not to deserve
> the prize of being sanctioned as kosher, or keeping a world-wide
> system interoperable?
In the face of bullying by large operators counting on the fact that
ostracizing them would seriously annoy millions
On Saturday, May 31, 2014 1:44 AM [GMT+1=CET], Hector Santos wrote:
> On 5/30/2014 5:49 PM, J. Gomez wrote:
>
> > > Ah, but "just like" is a complete misstatement of the situation.
> > > There's a big difference. Users on a mailing list think of the
> > > poster, not the mailing list, as respons
13 matches
Mail list logo
