I know it's heresy on an ietf list to suggest it, but we know that amount of traffic going through mailing lists is tiny -- like a couple percent. The amount of traffic going through other forms of manglers has to be even farther down in the long tail of traffic. Mailing lists arose because that's pretty much the only way you could get one to many communication (ignoring usenet). But with the rise of the web that ceased being true, and a lot of that traffic is now just web-based forums, etc.
The benefit for DMARC, of course, is that we could just pick the few nits left in the spec and call it a day knowing that p=reject is perfectly fine in a mailing-list-as-historic world. IETF has always been pretty retrograde and conservative -- I mean, a thousand long thread of hand wringing about FTP fergawdsake on the ietf list shows that. But mailing lists are seriously ancient technology and maybe they like FTP have outlived their usefulness for all of the trouble they cause.
Would it even take all that much effort? Mailing lists could easily be gatewayed to something that sinks the messages and provides a UI to read them if your home domain is set up as p=reject. For all I know, such services already exist. Something with its own UI could even create the UI such that it even preserves the DKIM signature! No need to modify things in-band.
Basically just declare that mailing lists do not meet the security requirements of the modern internet and they are an intractable problem without a good solution... just like FTP.
Mike _______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
