Re: Re: ezmlm warning

[Reed Loden <reed () reedloden com>]

On Thu, Jul 16, 2015 at 11:10 PM, Florian Weimer <fw () deneb enyo de> wrote:

> * Reed Loden:
>
> > Yup, I get these, too... Been happening for almost a year. See also
> > http://seclists.org/oss-sec/2014/q3/471.
> >
> > Likely, the ezmlm instance on lists.openwall.com needs to be updated to
> get
> > some of the DMARC compliance changes that were made last year (
> > http://untroubled.org/ezmlm/archive/7.2.2/CHANGES).
>
> Or you need to upgrade your email service to something that supports
> mailing lists.  oss-security uses Internet Mail in the way it is
> intended and specified.  If recipient mail servers cannot accept those
> messages, it is really their fault.

You can complain all your want, but it's not going away. It cuts down on
spam and spoofing mails too much. DMARC isn't some rogue thing that just a
few people are doing. It's all been codified as RFC 7489, and lots of mail
providers have implemented it. There are definitely some things that can be
improved about it (the DMARC WG in the IETF is very busy --
https://tools.ietf.org/html/draft-ietf-dmarc-interoperability-04 for their
latest work on this), but ignoring DMARC is just putting your head in the
sand. Best to deal with the annoying workarounds for now until the next
evolution can be spec'd out and implemented. Otherwise, you risk losing
important e-mail (like joyful oss-security@ mails ;-]).

DMARC is just one aspect of that.  For example, would you also request
> that Openwall will never deploy IPv6 because Gmail rejects mail sent
> over IPv6?

[citation needed], considering I've sent mail over IPv6 and received it
just fine on Gmail (Google Apps, specifically).
https://support.google.com/mail/answer/81126?hl=en#authentication even
mentions IPv6 is supported but just has a few extra caveats that must be
followed.

~reed