--On Monday, 21 July, 2014 02:03 +1200 Brian E Carpenter <brian.e.carpenter@xxxxxxxxx> wrote: > On 21/07/2014 01:26, Michael Richardson wrote: >> Regardless of how/if/why/when we process DMARC as a >> specification, we need to decide how ietf.org MTA is going to >> deal with things. >> >> 1) someone has to fund changes to mailman, and perform >> testing, installation, and community education for the IETF >> mailing lists. That implies that we have to decide *for >> ourselves* where and how we will "break" the DMARC/DKIM >> connection, and if we will reject email from p=reject >> senders before we attempt to relay. > > I thought the preferred solution was to rewrite the From for > those users only. Brian, I think that remains controversial. At least some of us would prefer that we scan IETF lists for addresses that might be affected, notify those people that they will no longer be able to send to IETF lists from those addresses, and then, while we would continue to deliver traffic to them to the degree feasible, any traffic originating from them would simply be rejected or bounced by mailman. That requires changes and some tool work too, but puts the pain where it belongs -- on the DMARC-using systems and those who choose to have addresses on then. I have mixed feelings about recommending that strategy for the more general community and am happy to let the proposed WG do its job, but, as far as the IETF community is concerned, we are all presumably capable of understanding the issues and finding other addresses if needed. john