On 04/18/2014 05:33 PM, Ned Freed wrote:
On 04/18/2014 07:47 AM, Ned Freed wrote:
I said: Rather than throwing up our hands and telling the DMARC
folks that we refuse to work with them unless their solution
solves the problem of our anachronistic use case that that
constitutes only a tiny percentage of their overall traffic;
Again with the traffic size as justification for poor behavior.
Not all messages are created equal, and some functions have
utility entirely disproportionate to the amount of bandwidth they
use.
Right, so the input here from the operators is, "Mailing list
traffic is not important enough to us to prevent us from deploying
an anti-spam solution that solves the vast majority of our problems
with little cost or difficulty. The MLM software authors will have
to deal with this problem on their end." And your response is to
stamp your feet and shout, "But my mailing list traffic IS
important! It is, IT IS!!!!!"
I really have to wonder where you got enough straw to build a
strawman of this size. If you actually, you know, read what I've been
saying, it has been that this was handled extremely poorly by the
IETF. Just not in the way you happen to believe.
Your view of what happened, who the operators actually are and what
their positions are, and what the likely consequences are going to be
are somewhere between a gross oversimplifications and looney tunes.
But I must say they are amusing.
First, I acknowledge that you seem to be interested in addressing the
IETF's failings, the problem is that small matter of disagreement on
what those failings are. You say that my version of events is "looney
tunes," and yet there is "rough consensus and running code" backing it
up. Even before AOL joined the p=reject team, but much more so now.
It's incredibly obvious that the IETF either didn't listen to, or didn't
act on clear messages from the operator community on this topic. Trying
to re-paint the failure as one of process (or whatever weird rathole you
appear to be willing to travel) doesn't help the situation at all.
For this issue what would help is for the IETF to admit its failure, and
take in hand the problem of solving mailing list delivery for DMARC
protected domains (along with the MLM software authors of course). If
there are other places where DMARC has weaknesses that can be shored up,
let's tackle those too.
What won't help is sitting on the sidelines and whinging that the "DMARC
cabal" "doesn't get it" and has to listen to us about how it should
conduct their business. Because not only do they clearly not have to do
that, they are not doing it. You will see more and more large mail
providers implementing p=reject because it's good for them, and the
fallout from Yahoo!'s implementation has been marginal (from their
perspective).
From a larger perspective it would be very useful for the IETF to take
this message to heart in other areas, like say ... DHCPv6. But I digress. :)
Wrong again. The evidence shows clearly that the IETF did listen, to
this group at least. Where the IETF failed was in not looking at the
big picture and likely consequences, which I'm afraid is not laid out
along the axis of "big operators all supporting DMARC" versus "tiny
insignificant list maintainer stick-in-the-muds".
I'm not sure who you're defining as "the IETF" in this context, but the
record seems to show that there was a non-zero number of people telling
the DMARC folks that their spec should not be implemented because it
doesn't solve the mailing list problem, among others. So rather than
listening to the operators and working to solve the MLM problem, there
was whinging, and intransigence. I don't care how you want to
characterize the problem, the failures of communication and inaction are
pretty clear.
Doug