> On 17 Dec 2016, at 12:52, Randy Bush <randy@xxxxxxx> wrote: > > dmarc is sorely broken and all the amielorations have not good side > effects. so the question to me is whether we can move the pain closer > to the cause? > Hi, Randy. It’s hard to move the pain in a predictable way. If I send you an email message and it’s not delivered or gets mangled or goes in your spam folder, who feels the pain? That depends on which of us needs the email more. The group you want to feel the pain are the administrators who add DMARC records, but other than spamming them with error reports, there’s not much we can do. I don’t think the administrators at Yahoo care too much whether their users are able to use IETF mailing lists or not. As a proxy we can “punish" those senders who have a DMARC record for their domain. If we do nothing, their messages sometimes get lost. They have real problems participating effectively in the IETF unless they switch to using gmail or hotmail accounts like many of us have already done. But that gives us pain as well because we’re missing messages as long as they keep using their own accounts. If we apply the mitigations only to such accounts, we solve the bounce issue, but then depending on the solutions we poison some of the other participants’ email addresses, or we make the UI show weird unhelpful things. Seems like everybody else gets the pain. Yoav