:: Re: [DNG] Again, again: DMARC is a…
Página Principal
Delete this message
Reply to this message
Autor: Steve Litt
Data:  
Para: dng
Assunto: Re: [DNG] Again, again: DMARC is a no-win problem for mailing lists (was: Can we fix this DMARC thing?)
On Fri, 27 Dec 2019 18:19:10 -0500
Steve Litt <slitt@???> wrote:

> On Thu, 26 Dec 2019 19:12:21 -0800
> Rick Moen <rick@???> wrote:
>
> > Quoting Steve Litt (slitt@???):
> >
> > > Seriously, this DMARC thing, or at least the way it's implemented
> > > on DNG, is downright dangerous.     

> >
> > Seriously, at the time this came up, I worked really hard,
> > tirelessly, and thanklessly, and repeatedly, to explain that Dng
> > was caught in a dilemma created by a mailing-list-hostile
> > anti-forgery standard, a well-intentioned but (in my opinion) badly
> > written piece of ancillary plumbing for SMTP and DNS. I carefully,
> > painstakingly qualified what I said, and dealt with the inevitable
> > people who wanted to argue merely because I expressed a viewpoint,
> > who wanted in knee-jerk fashion to dismiss what I said as yet
> > another subvariety of SMTP crankery, or who were the inevitable
> > sort of edge-case fanatics who lurk on all technical mailing lists.
> >
> > I described how the architecture of DMARC left _all_ the mailing
> > lists in the world in a no-win situation. I detailed how the GNU
> > Mailman people had built into recent releases two separate choice of
> > ways to try to mitigate the DMARC disaster. I detailed why I
> > strongly recommended one of those mitigations strongly over the
> > other. I very carefully disclosed the disadvantages, stressing that
> > there would be some unavoidable problems resulting from the
> > preferred mitigation's operation any time the mailing list poster
> > is sending from a domain with a strongly asserted DMARC policy.
> >
> > I tirelessly repeated these explanations over a span of months, as
> > the Dyne principal volunteers came to grips with the problem and
> > parsed what I and others were saying.
> >
> > And, after a whole lot of my attempting to explain, and explain
> > again, and explain again, and deal with arguments and knee-jerk
> > naysaying, the Dyne principals accepted my recommendation as the
> > least-bad course of action, and implemented the better of the two
> > mitigations.
> >
> > Which brings us to the present.
> >
> >
> > > Let me repeat: "Reply to sender" should never, ever go to the
> > > list.
> >
> > What part of 'some unavoidable problems resulting from the preferred
> > mitigation's operation any time the mailing list poster is sending
> > from a domain with a strongly asserted DMARC policy' was unclear?
> >
> > > Did you know that for some but not all DNG email, "reply to
> > > sender" sends it to the list?    

> >
> > Did you know that most senders don't suffer the malign effects of
> > strong-asserted DMARC policies in their domains' DNS? I've only
> > explained that on Dng a few dozen times. Probably it didn't sink
> > in.
> >
> >
> > You're making me sorrowful, my friend. I am feeling as if all of my
> > efforts to make the no-win nature of the situation, and my
> > mentioning in _particular_ the great irony of my appearing to
> > recommend (a very limited form of) Reply-To munging, after a
> > quarter-century of trying to calmly document for the Internet why
> > it's a bad idea, was time wasted.
> >
> > Tell you what: How about you go onto the Mailman developers'
> > mailing list and bitch about how their least-bad effort to limit the
> > pernicious effects of a badly written anti-forgery standard thrust
> > upon them by others fails to meet your needs? Would you mind doing
> > that?
> >
> > Part of the reason I'm asking is that you, personally, you my friend
> > Mr. Litt, recently accidentally posted private mail here portraying
> > me as a particularly contentious person (in your view as a denizen
> > of Florida, a land of noted passive-aggressives), and thus, if I now
> > argue with you, I will help support your accidental character
> > assassination. (I'll be nice and call it accidental, even though it
> > accords with previous personal characterisations of me you've posted
> > non-accidentally.)
> >
> > And, well, I'm not going to. For lots of reasons including their
> > being no percentage in it. Have a great holiday season. (Chag
> > Chanukah sameach.)
> >
> >
> > And, next time, _you_ get to do the heavy lifting and deal with
> > people who cannot be bothered to read and understand what you said.
> >
> > Meanwhile, I give up.
> >
> >
> > > I beg whomever is in charge of the DNG mailing list to fix
> > > whatever's wrong with the DMARC implementation.     

> >
> > I beg you to pay attention, next time. If I bother to explain
> > anything next time.
> >
>
> DMARC is the systemd of the email world. I'm not going to learn its
> ins and outs or its best and worst workarounds. I'm not going to talk
> to the mailman people. What I *am* going to repeat is that a system
> that *ever* sends back to the list when you click "reply to sender" is
> incredibly dangerous.


So, if we insist on assisting Yahoo, Gmail, Hotmail, and their ilk, and
all their users, by incorporating DMARC at all, we could at least
change the munge string from:

Firstname Lastname via Dng <dng@???>

to:

GOES TO DNG (IRT Firstname Lastname)<dng@???>

So when you do "return to sender" and it crazily puts
dng@??? in the To field, at least that To field won't be
disguised as the user. As far as I know, this requires next to no admin
work: It's just a change assembling one string.

SteveT

Steve Litt
December 2019 featured book: Rapid Learning for the 21st Century
http://www.troubleshooters.com/rl21