Barry Warsaw writes: > It will probably make no difference, but if we can inform users as > to the real culprits in this mess, they can either complain to > their ISPs or vote with their feet and find a new provider. That > won't happen if they continue to blame the list software or site.
Well, I'll be happy to create the patch just to make the statement, but honestly, I doubt we can convince anybody who actually believes that list software created this mess to believe otherwise. Unlike telephone numbers, email addresses are not portable, so the incentives against moving (which weaken the effectiveness of complaints) are really strong, too. > (If we're serious about this, we should likely have a locked down > wiki page with more detail, linked to from the default p=reject > rejection message.) Agreed. Maybe I'll sprint on this at PyConCA. :-) The sad thing is the DMARC protocol is actually really well-designed for two purposes: allowing mailbox providers to get information about mal-use of their domain names, and allowing organizations that conduct business transactions via direct email to prevent spoofing. It doesn't address the problem of spoofed indirect mail (like mailing list posts) because that's just a really hard problem because there's no known good way to inform users about the trustworthiness of individual messages. (I'd like to blame it on the popular MUAs, but I'm afraid the problem is deeper than that.) Steve _______________________________________________ Mailman-Developers mailing list Mailman-Developers@python.org https://mail.python.org/mailman/listinfo/mailman-developers Mailman FAQ: http://wiki.list.org/x/AgA3 Searchable Archives: http://www.mail-archive.com/mailman-developers%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-developers/archive%40jab.org Security Policy: http://wiki.list.org/x/QIA9