Phillip Hallam-Baker writes: > NNTP was designed 30 years ago. We should consider moving on. > The modern protocol world is JSON/REST
That's off-topic for this list, IMO, and I don't intend to discuss it unless the moderator(s) make clear that it is on-topic. What I believe is on-topic is that several people participating in development of DMARC-related standards have expressed concern about the impact on mailing lists. There's no question that "p=reject" is a knife at our throats, because much of the value-added of Mailman-style lists to end users is in the "decoration" added to posts, and I have yet to see anyone (except Franck Martin) say on the Mailman channels that From-corruption is completely acceptable. All mitigations proposed so far are deeply unpopular with our users (list operators), as well as with the developers. Nor is it clear that any standard for third party authentication will be approved at all, let alone adopted widely by Author Domains in good time. The mention of Usenet suggested a completely "out of the box" way to sidestep DMARC impact by avoiding SMTP entirely, using NNTP as an alternative transport. I merely wanted to make it clear that GNU Mailman is *technically* prepared to think about that kind of thing, if better mitigations for the SMTP transport aren't developed. (Development of a new "modern" transport is completely out of the question for us; we have neither the skills nor the resources.) Both the security ramifications of NNTP and the social ramifications of changing from a push protocol to a pull protocol for transport are entirely unclear to me, however. And of course I don't speak for any other MLM development communities. _______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
