[TUHS] Excessive bouncing ... argh!

Grant Taylor gtaylor at tnetconsulting.net
Sun Sep 24 06:24:57 AEST 2017


On 09/23/2017 08:12 AM, Theodore Ts'o wrote:
> DMARC is only useful if you are worried about people trying to use
> your domain for phishing purposes.  This is more of an issue for
> Paypal.com and bankofamerica.com.  In general it's not really an issue
> for thunk.org and tnetconsulting.net.

That is your opinion.  Mine happens to differ.  I think we're both 
adults and can agree to disagree.

> DKIM and SPF are useful if you need to interoperate with big, free
> e-mail systems such as Yahoo, AOL, and Google which are *using* DMARC.
> Using DKIM and SPF are useful in trying avoid your site from falsely
> being accused as being a spammer.

I feel like DMARC is just the latest technology / technique that is 
causing ripples in the pond.  -  I seem to remember similar ripples when 
SPF, and DKIM to a lesser degree, were introduced became more popular.

> DMARC has no real value, and in fact has negative value, as it means
> that when you send e-mail from a DMARC site that causes other people
> to be ejected off of mailing lists, the mailing list administrator may
> decide that you are actively causing harm to the community, and simply
> prevent you from sending mail to the mailing list all.

I believe DMARC does have value, and will have more value in the short 
to mid-term future.

I acknowledge the perceived negative value of DMARC.  I expect that 
other anti-spam techniques caused similar perceptions over the years.

  - Closing open relays
  - Requiring reverse DNS
  - SPF
  - DKIM
  - DMARC
  - ARC (possibly in the future)

I understand why people may want to push back on such technologies.  I 
feel like they are free to have their opinion.  I'll try to keep my 
opinion to myself.

However, I suspect that the horse drawn carriages are going to 
eventually end up yielding to the automobile in most places.

This is exactly why I've been working with Warren to try to make sure 
that I (and others using DMARC like me) don't cause harm to the TUHS 
community.

> Other proposed solutions is to have the mailing list software detect
> that you are using DMARC, and only having *your* postings munged so
> the from field says thus at minnie.tugs.org, instead of
> gtaylor at tnetconsulting.net.  That way only people who are using mail
> systems with DMARC get their From field munged, instead of punishing
> everyone using the mailing list.

I do believe that's the current industry accepted work around.  -  I 
don't know if it's the proper thing to do or not.  -  I suspect it's 
what I'm going to end up asking Warren to enable.  (It's my 
understanding that the mailing list manager that Warren is using already 
has the knob, and that he just needs to turn it.)



-- 
Grant. . . .
unix || die



More information about the TUHS mailing list