> On Jul 22, 2014, at 9:30 AM, Viktor Dukhovni <ietf-dane@xxxxxxxxxxxx> wrote: > >> On Sun, Jul 20, 2014 at 09:26:45AM -0400, Michael Richardson wrote: >> >> Regardless of how/if/why/when we process DMARC as a specification, we need to >> decide how ietf.org MTA is going to deal with things. > > For what it is worth the postfix-users and postfix-devel mailing lists > don't have any DMARC issues. Long before DMARC, when DKIM was still > an IETF draft, these lists were changed to not modify the message body > or subject line in any way (no footers and no subject tags). But this is a list service option. I can't enforce one way or another for list operators to set their list up. The default is to add a footer from a default template. Can I change the default for future updates? Sure, but that will violate a long term "no surprise" support principle for justifying automated updates (and the maintenance fees) and this would fall under a big surprise category. There are many list that desire the system level footer information, i.e. the note well for the IETF lists. And I believe, needs to be double checked, there are some jurisdictions where is it legally required, i.e. CAN-SPAM. The DMA I believe also expects it of it's member for community friendly spamming. Overall, this is not something that can be universally applied. > Rather, the lists only append "List-foo" headers, add a "Sender:" > header and otherwise forward the original message unmodified with > a new envelope. The result is that the author DKIM signature > remains valid if present. In my assessment, this is a migration issue, restrictive domains need to be cleaned up from list databases. More importantly, I think it is a mistake to try to kludge around a DMARC specification that is protocol-incomplete. DMARC needs to get fixed first to support 3rd resigners and then we can better evaluate how a list system fits. Right now, there are no options which has created a "chaotic hysteria" to rewrite authorship domains. But even when fixed, at end of the day, there will always be restrictive domains with an ADMD mandate for exclusive mail domain operations and regardless of the amount, their policies must be honored. -- Hector Santos http://www.santronics.com