On Fri 28/Feb/2025 14:27:25 +0100 Douglas Foster wrote:
The issue of ARC trust is irrelevant to the topic that Ale has raised. ARC is
useful for an evaluator to detect forwarding, but it is useless for the problem
of "From munging" that has consumed so much time in this WG.
By transferring trust to the user, it only remains to detect forwarding, which
is what ARC is used for. From: munging can then be omitted.
A solution to From Munging requires three pieces:
1) A subscriber's domain that does not enforce From authentication against the
list.
2) A mailing list that learns about non-enforcing subscriber domains
3) A mailing list that adapts its munging behavior based on the enforcement
policy of subscriber domains.
All of these are considered in the fix-forwarding draft.
There are many ways that achieve this result.
Step 1 may be achieved by subscriber request to his email admin or achieved by
default at an organization which ignores DMARC entirely.
Why not by MLM request to the mail admin, followed by subscriber confirmation?
Step 2 can be achieved by notification from the subscriber, from the
subscriber's admin, by information published in DNS, or by sending test
messages through the list from an enforcing domain controlled by the list owner.
Notification has to come from the subscriber's admin. The other options are
unreliable, inappropriate, or impractical.
Step 3 can be achieved most easily by conditional munging, but it could also be
achieved by waiting, without conditional processing, by waiting until all
subscriber domains are known to be non-enforcing.
Conditional munging is it. Appendix A explains how to do it with Mailman.
ARC fails to address the Munging problem because it does not provide feedback
from the non-enforcing domain to the list. Without feedback, the list does not
change its behavior, so the problem remains.
The non-enforcing domain provides a feedback in step 2 above. The admin The
draft provides for confirming the agreement status at any time.
As for continuous feedback, as for aggregate reporting, ARC lacks it and the
draft provides no hint about it.
It should be obvious that lists need conditional munging. Since the feature
is lacking, I have to ask why? The problem has festered for more than 10+
years, so there has been plenty of time for new code to be written. I have to
conclude that people like to complain about the problem but don't really care
to get it fixed. This is especially true of IETF, since they had the resources
to develop a custom munging algorithm but never had the motivation to make it
conditional.
Stephen J. Turnbull, who devised the method in Appendix A, said it is trivial
to implement conditional munging, should the need arise.
Any real fix to the munging problem depends on the lists changing their
behavior. The lack of interest in Ale's solution, or anything like it, is
consistent with the historic pattern of whining about the problem rather than
solving it.
Agreed.
_______________________________________________
dmarc mailing list -- dmarc@ietf.org
To unsubscribe send an email to dmarc-le...@ietf.org
