On Fri, Jun 13, 2014 at 7:55 AM, Miles Fidelman mfidel...@meetinghouse.net
wrote:
Stephen J. Turnbull wrote:
Phillip Hallam-Baker writes:
My point is that mail is an old protocol and people who expect that
it can be kept going unaltered in its original form serving all the
On 13 Jun 2014, at 7:55, Miles Fidelman mfidel...@meetinghouse.net wrote:
Just a quick reminder here: Postal mail is still going strong, after 100s of
years.
I don't know what it's like where you live, but here the only thing that is
keeping the post office afloat is being paid by
On Jun 13, 2014, at 5:02 PM, Joe Abley jab...@hopcount.ca wrote:
On 13 Jun 2014, at 7:55, Miles Fidelman mfidel...@meetinghouse.net wrote:
Just a quick reminder here: Postal mail is still going strong, after 100s
of years.
I don't know what it's like where you live, but here the only
- Original Message -
From: Matt Simerson m...@tnpi.net
To: dmarc@ietf.org
Sent: Wednesday, June 11, 2014 11:13:55 PM
Subject: Re: [dmarc-ietf] Change the mailing list protocol, not DMARC.
On Jun 10, 2014, at 10:15 PM, Stephen J. Turnbull step...@xemacs.org wrote:
Matt
Phillip Hallam-Baker wrote:
On Wed, Jun 11, 2014 at 1:00 PM, Martin Rex m...@sap.com
mailto:m...@sap.com wrote:
Phillip Hallam-Baker wrote:
Hector Santos hsan...@isdg.net mailto:hsan...@isdg.net wrote:
Let me ask, what if a fedex.com http://fedex.com employee use
-Original Message-
From: dmarc [mailto:dmarc-boun...@ietf.org] On Behalf Of Terry Zink
Sent: Thursday, June 12, 2014 12:37 PM
To: Franck Martin; Matt Simerson
Cc: dmarc@ietf.org
Subject: Re: [dmarc-ietf] Change the mailing list protocol, not DMARC.
Franck Martin wrote:
I
On Thu, Jun 12, 2014 at 12:33 PM, Elizabeth Zwicky zwi...@yahoo-inc.com
wrote:
On 6/12/14, 9:36 AM, Terry Zink tz...@exchange.microsoft.com wrote:
Franck Martin wrote:
I found that to build the override list for mailing list, I could log
DMARC rejected
emails that contained a List-Id
On Jun 12, 2014, at 12:33 PM, Elizabeth Zwicky zwi...@yahoo-inc.com wrote:
On 6/12/14, 9:36 AM, Terry Zink tz...@exchange.microsoft.com wrote:
-- there are also all the non-transparent forwarders (for instance,
enterprise systems which do malware filtering on mail).
And those system are
Terry Zink writes:
Franck Martin wrote:
I found that to build the override list for mailing list, I could
log DMARC rejected emails that contained a List-Id or List-Post
header. Once reviewing the logs (once a week, or once a month),
you can make an easy decision if you want to
Matt Simerson writes:
I'm not sure we need to be considerate of such behavior. If it's
malware, reject it outright.
Can't do that. Many viruses attach themselves to legitimate messages.
If the author is the boss, rejecting it would be, uh, bad.
Steve
Phillip Hallam-Baker writes:
My point is that mail is an old protocol and people who expect that
it can be kept going unaltered in its original form serving all the
purposes that it was never designed for but have emerged over time
are going to be upset no matter what.
True, as far as it
Printed on recycled paper!
On Jun 12, 2014, at 21:54, Murray S. Kucherawy superu...@gmail.com wrote:
On Thu, Jun 12, 2014 at 12:33 PM, Elizabeth Zwicky zwi...@yahoo-inc.com
wrote:
On 6/12/14, 9:36 AM, Terry Zink tz...@exchange.microsoft.com wrote:
Franck Martin wrote:
I found
Rich Kulawiec writes:
But that's not really relevant here. The flooding propagation
model of Usenet is quite different from the model used by mailing
lists.
I'm not sure if it's been made clear already or not, but the Gmane
model (copied by the experimental Mailman add-on) is a NNTP
Murray S. Kucherawy writes:
On Mon, Jun 9, 2014 at 8:59 PM, Stephen J. Turnbull step...@xemacs.org
wrote:
[2] PGP can be worked around by placing the signed body in a separate
MIME part from the header and/or footer parts, and DKIM could at least
be adapted to decorated subjects
On Tuesday, June 10, 2014 6:50 AM, Murray S. Kucherawy superu...@gmail.com
wrote:
https://datatracker.ietf.org/doc/draft-kucherawy-dkim-list-canon/
the master-piece of DKIM messiness. unfortunately,
it doesn't solve current ML problem, but introduces
new ML requirements.
--
Vlatko Salaj aka
On Tue, Jun 10, 2014 at 12:41 AM, Vlatko Salaj vlatko.sa...@goodone.tk
wrote:
introducing new ML requirements has already been
characterised as not an ML solution. we have a few
of them already, and all much simpler than any YADAs.
The person on this list that actually represents a mailing
- Original Message -
From: Stephen J. Turnbull step...@xemacs.org
To: Barry Leiba barryle...@computer.org
Cc: Dave Crocker dcroc...@gmail.com, dmarc@ietf.org
Sent: Tuesday, June 10, 2014 3:33:16 PM
Subject: Re: [dmarc-ietf] Change the mailing list protocol, not DMARC.
Barry Leiba
On 6/10/2014 11:22 AM, Stephen J. Turnbull wrote:
Dave Crocker writes:
Everything gets much easier if we specify guidance for filtering
engines, before humans come into the picture.
But now you are assuming filters that are very close to 100% accurate!
No.
I am assuming that working
On 6/10/2014 1:27 PM, Barry Leiba wrote:
Each of those conditionals will not actually be satisfied. User's
tend not to notice such things. The tend not to understand what
they mean. Even when they understand, they tend to evaluate
choices poorly. They tend to apply choices
On Tuesday, June 10, 2014 4:59 PM, Murray S. Kucherawy superu...@gmail.com
wrote:
Or do you mean something else when you say new ML requirements?
i wasn't talking about DKIM-Delegate, nor is this its thread,
so, while i will get to ur arguments in DKIM-D thread, they miss
the point here.
--
Dave Crocker writes:
I am assuming that working with filtering engines is better than trying
to work with 1-3 billion end users.
That's a pretty stiff requirement. I'd be satisfied if a simple
indicator, e.g. based on parsing Authentication-Results, saved 1-3 end
users from a phishing
On Tue, Jun 10, 2014 at 9:19 AM, Hector Santos hsan...@isdg.net wrote:
The person on this list that actually represents a mailing list so far
seems to like the idea, and has explained why to some extent. I think
that's much more valuable feedback.
More valuable than other feedback?
[...]
On Sun, Jun 08, 2014 at 08:46:00AM -0400, Phillip Hallam-Baker wrote:
NNTP was designed 30 years ago. We should consider moving on. The
modern protocol world is JSON/REST
Let's not be so quick to dismiss NNTP: it's a more elegant weapon from
a more civilized age. ;) It has long since proven
On Mon, Jun 9, 2014 at 12:06 AM, Hector Santos hsan...@isdg.net wrote:
On 6/8/2014 10:26 PM, Murray S. Kucherawy wrote:
To express how strong I feel about this
If there is a charter for a new DMARC WG work, you can bet I will
request that any form of 5322.From-Corruption
On 6/10/2014 9:55 AM, Stephen J. Turnbull wrote:
Hector Santos writes:
Are you oppose to any other domain using strong policies or just
certain ones?
Domains where users have until now felt free to use their mailboxes as
they see fit (posting to mailing lists, as From: in on-behalf-of
On Tue, Jun 10, 2014 at 11:20 AM, Hector Santos hsan...@isdg.net wrote:
It is more easier, more feasible, more safe, to just reject/discard
the failed message (due to policy) at the backend and be done with it.
In your opinion.
It is the expert opinion of million of IETF-MAN-HOURS and
Hector Santos writes:
LSP are just feeling the pains of their early ignorance of the
technology.
That, sir, is false, both as to fact and as to causality.
The LSPs were not ignorant of DMARC or its component technologies --
e.g., Mailman already had mitigations (courtesy of Franck Martin)
On Tue, Jun 10, 2014 at 12:16 PM, Vlatko Salaj vlatko.sa...@goodone.tk
wrote:
That, sir, is false, both as to fact and as to causality.
The choice was among different varieties of pain, but
no amount of preparation would have made the pain avoidable.
that's a completely wrong assumption.
On Tuesday, June 10, 2014 9:42 PM, Murray S. Kucherawy superu...@gmail.com
wrote:
The reason DMARC is not (presently) in the IETF stream has
nothing to do with any of the above points.
u ppl keep repeating that. however, u never say what IS the reason.
why don't u enlighten us, then?
maybe
On Tue, Jun 10, 2014 at 12:56 PM, Vlatko Salaj vlatko.sa...@goodone.tk
wrote:
u ppl keep repeating that. however, u never say what IS the reason.
why don't u enlighten us, then?
Instead of assuming the reason and thus making false accusations, you
could've asked for the details first.
On Tue, Jun 10, 2014 at 12:56 PM, Vlatko Salaj vlatko.sa...@goodone.tk
wrote:
the story of my life... i'm always in minority, fighting for
survival.
It is entirely possible to fight for the minority without acting this way.
It's unfortunate that you feel like your lifetime of frustration
Hector Santos writes:
Will you implement it? You need to implement it as part of the LSP
integration.
What LSP integration? DMARC is an agreement between Author Domains
and destination hosts. Mediators are not party to it. It's arguable
that the host MTA should be checking DMARC
On Jun 10, 2014, at 1:21 PM, Stephen J. Turnbull step...@xemacs.org wrote:
Hector Santos writes:
understand you are a LSP. DMARC effects you differently, but we can't
throw out the proverbial baby.
I don't care what *you* do with your proverbial baby. The point is
that *LSPs* are
On 6/10/2014 6:55 PM, Dave Warren wrote:
I've been surprised how many otherwise-technically-competent people
use subject tags to filter mailing lists. However, I suspect much/most
of this could go away if MUAs started displaying List-* information in
a useful way, and made filtering on those
Matt Simerson writes:
If message headers and footers are so popular, how do you explain
the continued please unsubscribe me posts sent to practically
every mailing list?
Bell curve. Some people are 2-sigma self-centered, and others are
2-sigma clueless. What else is new?[1]
Note that
On 6/9/2014 2:01 AM, Matt Simerson wrote:
I also fail to see how this is a security issue.
Agreed. It's *really* easy to filter and block delivery
for non-existent domains.
That is exactly what will be required to mitigate and close this new
security hole.
if mail.from.tld is .invalid
On Sun, Jun 8, 2014 at 9:06 PM, Hector Santos hsan...@isdg.net wrote:
Fundamentally, any From-Corruption (good term to use) concept is bad. 30
years of mail software/product/hosting development across multiple networks
tells me so, it ethically burns inside me as wrong and I have strong
On Monday, June 09, 2014 8:01 AM [GMT+1=CET], Matt Simerson wrote:
On Jun 8, 2014, at 10:32 PM, Brandon Long bl...@google.com wrote:
The message is already corrupted, or there wouldn't be a problem to
be solved.
When the message arrives at the list, it's unlikely that it's already
J. Gomez writes:
I can understand the welcomed vs unwelcomed thing, but I do not
agree with calling the alteration decoration in one place but
corruption in the other.
Loading the language in such a way is asking for a given conclusion
even before the debate has started. That's not
On Mon, Jun 9, 2014 at 8:59 PM, Stephen J. Turnbull step...@xemacs.org
wrote:
[2] PGP can be worked around by placing the signed body in a separate
MIME part from the header and/or footer parts, and DKIM could at least
be adapted to decorated subjects using z= and footers using l=,
although
I'm not sure what the long list of addressees was about, but I'm not
comfortable with them. Feel free to repost my message if you wish.
Phillip Hallam-Baker writes:
In the medium term, lets kill the stupidity of mailing lists with a
protocol that works. NNTP was originally designed to
41 matches
Mail list logo
