On Friday, May 30, 2014 12:09 PM [GMT+1=CET], Stephen J. Turnbull wrote: > J. Gomez writes: > > > Missuse of DMARC's p=reject by Senders is here to stay. It won't go > > away. It will only grow.[*] > > I'm not so sure. Anyway, that doesn't mean we need to sanction it.
To maneuver towards being interoperable with something (the misuse of DMARC's p=reject as a sad fact of life), does not equal sanctioning that something. Furthermore, what is more important - to deserve or not to deserve the prize of being sanctioned as kosher, or keeping a world-wide system interoperable? > > In my opinion, the least disruptive adaptation which mailing list > > software can do is to take ownership --in a DMARC-compatible way-- > > of the Header-From, > > I disagree. The least disruptive adaption is whatever the users of > the mailing list think is the least disruptive adaptation. That's why > Mailman provides multiple mitigation options, and will probably add > more as we think of them or they're contributed to us. Yes, that is true. But a default out-of-the-box always has to exist, and in my opinion that default should be the most interoperable which is possible --interoperable with the real world, not with how we would like the world to be--, while keeping as much valuable features as possible, and while keeping operator's duties as straight forward and simple as possible. > > just like they already take ownership of the envelope's > > ReturnPath-From. > > Ah, but "just like" is a complete misstatement of the situation. > There's a big difference. Users on a mailing list think of the > poster, not the mailing list, as responsible for the content. So > according to RFC 5322, the poster's mailbox belongs in From:. > Remailed or not, the author belongs there. That is debatable. As long as the mailing list program tampers with the message's content, rendering its DKIM signature invalid, it can be argued that the mailing list program is rewriting the message's content, and therefore that the mailing list program now becomes "the system responsible for the writing of the message" (as per RFC 5322 parlance, section 3.6.2), and thus the mailing list address would earn its legitimate place in the Header-From field, making interoperability with rogue DMARC Senders a solved problem. Regards, J.Gomez _______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
