[ih] Various tests
Matt Mathis
matt.mathis at gmail.com
Sun Feb 11 08:10:26 PST 2024
I'm under the impression that this is the problem that ARC is supposed to
solve. The email intermediary, namely the list itself, can use ARC to
certify that it confirmed the signatures on the earlier hops in the
delivery path.
It's been widely published that Google and Yahoo! Started requiring DMARC
reports as of February 1st and that they would start statistically not
deliver mail from domains not using DMARC. (Yahoo provides mail service
for at least 5 large ISPs)
It's amusing that they didn't require any specific DMARC actions, only that
you turn on the reports; but once you have the reports, bugs and
configuration problems become glaringly obvious; and once you fix them
sammers forging email from your domain become glaringly obvious; and then
when you change the disposition to quarantine (request that downstream MTAs
treat signature violations as spam); the spammers go away.
Unless the email wizards missed something it appears that as DMARC rolls
out we will have strong end-to-end cryptographic signatures of the ISP
which authenticated the human originating every message.
On Sat, Feb 10, 2024, 12:23 PM John Levine <johnl at iecc.com> wrote:
> It appears that touch at strayalpha.com <touch at strayalpha.com> said:
> >It's going to the list archives.
> >
> >But this may be the downside of the new config - whether anyone gets a
> given message depends on EACH SENDER”s email coupled
> >with EACH RECIPIENT’s requirements.
> >
> >For a list about Internet history, I’m starting to wonder if that’s
> desirable….
>
> Although I personally prefer the new setup that preserves the actual
> author, people whose mail systems enforce DMARC, which definitely
> includes Yahoo/AOL and mostly includes Gmail, are going to lose a lot of
> mail.
>
> On the IETF lists, we use a hack I developed that rewrites addresses in a
> way
> that is intended to be reversible. In my original version fred at yahoo.com
> turns into fred at yahoo.com.dmarc.fail (yes, that's a real address) and in
> the
> IETF's version it's fred=40yahoo.com at dmarc.ietf.org.
>
> That works pretty well, give or take the rewritten versions getting
> into people's address books, but it requires more mail system hackery
> than we can expect ISOC to do. So we're stuck putting the list name
> on the From line.
>
> R's,
> John
>
> PS: The commercial groups.io does something similar very well, but they're
> kind of expensive if you have over 100 subscribers.
> --
> Internet-history mailing list
> Internet-history at elists.isoc.org
> https://elists.isoc.org/mailman/listinfo/internet-history
>
More information about the Internet-history
mailing list