On Fri, 9 Nov 2018, Dave Cridland wrote:
DMARC has had the effect of raising the bar further for smaller service providers and self-hosting of email. It has disproportionately affected providers other than
those involved in its creation. Unfortunately, one of those other providers was the IETF itself, and so it became strikingly obvious, and the providers were forced to
compromise.
I'd phrase it a little different. Small email providers were stuck
between a hard spam rock and a DMARC stone. And guaranteed to lose.
Sadly, I suspect there'll be a poignantly regretful decision to actively restrict federation over time, for reasons of performance, security, and so on. Spam is an
excellent excuse, too - it's worked before, after all.
Yes, we see this at every level. IM, DNS, email and don't forget cloudflare.
I love cloudflare, but the fact that websites are forced to buy kneecap
insurance is bad. It further centralises everything.
But make no mistake, if there weren't sufficient high-value mailing
lists that the major providers cared about losing as "collateral
damage, oh well", it's pretty clear they wouldn't lift a finger. In
fact, they tried that strategy at first. And while it had everything
to do with business, I really don't think it was due to a malicious
attempt to promote walled-garden web fora.
Well, they did indeed try that strategy first. I'm glad it failed this time, don't get me wrong, but I don't think it was performed with market capture as entirely a
happy coincidence.
And sadly, some decentralization efforts are now captured in a
dead-end street of blockchains.
Other worrying developments are "resolverless", mass use of DNS over
TLS/HTTPS to a few (walled garderner) providers, and the Origin
experiments of serving webpage parts from other domains.
Some of this could be used for good, but my experience so far suggests
it just leads to more centralization.
Paul
