Re: DMARC and yahoo

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 22/04/2014 06:56, Theodore Ts'o wrote:
> On Mon, Apr 21, 2014 at 12:04:00PM -0600, Doug Royer wrote:
>> If yahoo sends out an email from list-name@yahoo, then that is where the
>> email is from.
>>
>> So it would be correct to set the from/sender in the email to be
>> list-name@xxxxxxxxx.
>> Why try to make it fake anything?
>>
>> If you want to preserve any digital signature in the original message, then
>> send the original email as a mime body part in the forwarded message.
> 
> Because this message that you just sent was sent _from_ Doug Royer, in
> the sense that it was authored by Doug Royer.  It was not authored by
> "ietf@xxxxxxxx", and that's in fact what most users would find more
> interesting, since they have other ways of determining that a
> particular message was sent via a particular mailing list reflector.
> 
> Fundamentally, this is going to be main issue.  For mailing list
> users, when they are following a particular conversation, they want to
> be able to easily identify which e-mails were contributed by which
> participant.  This has historically been done via the "From" field.
> It's possible to reinvent some other field, to indicate who had
> originally authored the message --- say, adding a
> "X-Originally-Authored-By".  But the fundamental issue is that it's
> useful and interesting and wanted that people be able to get the
> "originally authored by" message.  And so eventually, MUA are going to
> be responsive to users' needs.
> 
> The fact that spammers could then use this confuse naive users is not
> likely going to stop them, because if you are having a multi-user
> conversation via e-mail, to make all of them appear to come from
> "mailing-list@xxxxxxxx" is just not acceptable to the users of that
> mailing list.  They will want to know who originally authored the each
> e-mail message.

In fact it's a lie: the message is *not* from the mailing list, it's
from its originator. I have no doubt some ingenious lawyer could
discover a tort in the lie, so it might even be legally dangerous for
the mailing list operator to tell this lie on every message.

Among other things, it makes it virtually impossible to filter trolls.
I am on a couple of lists at the moment where troll filtering is
essential for one's sanity (and where DMARC has been discussed too, as
it happens).

   Brian





[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]