[Mailman-Developers] Mailman DMARC Support (it's not what you think!)
J. Trent Adams
jtrentadams at gmail.com
Fri Nov 8 01:00:56 CET 2013
Jim -
On 11/7/13 3:27 PM, Jim Popovitch wrote:
> On Thu, Nov 7, 2013 at 5:12 PM, J. Trent Adams <jtrentadams at gmail.com> wrote:
>> should provide an option to participate in as secure communication as possible.
> Randomly applying security distinctions, to RFC de'jour, is not really
> helping.
Well, here we disagree. DMARC is far from random (in development since
2007), and it's actually helping. And not just on the margins. We're
seeing significant improvement in the real world at Internet scale for
millions of our customers. It'd be fantastic to see Mailman trumpet an
option that allows those who want to take advantage of it to drop their
old, beat-up MLM and join the party.
> If you want true message security, then PGP/GPG is the only
> universal way. If you are just looking to protect the integrity of
> the pathway, might I suggest that a wrapper around 2 different
> technologies (one being header reliability and the other being source
> reliability) is just that... a wrapper (or as I say, a panacea). If
> you truly wanted secure comms, DMARC would be mandating PGP and going
> after MUAs....
Here, though, I totally agree with you! After all, I earned my degree
in astrophysics, and we modeled everything using perfect theoretical
spheres. Sadly, our models always fell short under close scrutiny. . .
fortunately, as opposed to physics, the astro variety of the science
didn't often come under close scrutiny. Talk about being left off the hook!
That being said, in a more nuanced, complex, messy world, theoretical
solutions don't always live up to the promise. So, yeah, it'd be super
kewl to ask all our customers (and all the communication channels) to
get on the bandwagon with encryption. I've got stacks and stacks of
real world data and research that explains why that's simply not viable
(today).
DMARC, on the other hand, emerged as an empirical experiment on what
works today, in the real world. It was a lot of trial and error until
we happened to get the mix right. It's no panacea (it only stops one
type of particularly nasty attack), but you're right, it's just a
wrapper. Fortunately, it works, so the Lords of Kobol be praised!
Finally, some defense against the maurauding Cylons (even though it's a
mish-mash of low-tech bits and bobs).
. . . amusingly, this reminds me of the LAN parties we used to have. It
wasn't pretty, but the goal was to get the Sinclair to talk to the
Commodore using whatever means necessary (air nets were particularly
hilarious, albeit incredibly hard on the ears).
> but I digress.
Yeah, but aren't digressions fun? Happy to continue the conversation
off-list so that we don't bore the rest of the crew.
Cheers,
Trent
>
> -Jim P.
More information about the Mailman-Developers
mailing list