The spam message in this case did not originate from any client or host under my control. It did not transit via any of my mail relays. It was a forgery - it spoofed my email address in the From header, and unfortunately happened to match it up with a To header addressing an IETF mailing list to which I'm subscribed.
Yeah, this is a new trend, crooks harvest address books and then do (from,to) pairwise spamming to take advantage of the common trick of whitelisting addresses in the recipient's address book.
If you're seeing a lot of forgery, SPF, DKIM, and DMARC will help somewhat, but since DMARC famously can't tell the difference between forged spam and mailing lists, I wouldn't turn on any DMARC policies. History suggests that in a while the bad guys will buy a new spam list and your bounces will drop back to normal. FWIW I've been using my iecc.com address since 1993 and my taugh.com address since 2002, both have been scraped out the wazoo but with normal filtering both remain quite usable.
Otherwise the only fix that I can imagine is for the IETF to start opportunistically filtering list message submissions based on DMARC, SPF, and DKIM, as well as performing sender rewriting in the list software. Like most things, I imagine the subscribers on this list have opinions about this - and I'd be glad to hear them.
Given that we've seen only one or two spams of this sort leak through, I'm not inclined to do anything about it. An interesting thing to do would be to instrument the mail, do the various DNSBL, SPF, DKIM, and DMARC checks on incoming mail and log the results in the message headers. Then we can gather data to tell us what would happen if we used them to filter.
On my smallish system, I use a few conservative DNSBLs to block mail, which knocks out about 2/3 of it, then SPF and DKIM as part of the spamassassin score. I check DMARC but don't do anything beyond logging it except for a handful of high risk domains like paypal.com where DMARC failure almost always means phish.
Regards, John Levine, johnl@xxxxxxxxx, Taughannock Networks, Trumansburg NY Please consider the environment before reading this e-mail.