On 4/2/22 4:05 PM, John Curran wrote:
On 2 Apr 2022, at 6:23 PM, Jeroen Massar via NANOG <nanog@nanog.org>
wrote:
There are a lot of bits and bobs that one has to get right for mail
to flow, amongst which:
- IP -> PTR lookup -> that hostname lookup, and match to IP again
(https://en.wikipedia.org/wiki/Forward-confirmed_reverse_DNS)
- SPF
- DKIM
- DMARC
- ARC (for mailinglists)
- SRS (When forwarding, rewrite the From and resign DKIM, and then
ARC-sign that)
- Decent TLS
- MTA-STS
Jeroen -
It is indeed amazing how many protocols we can spin up to address
the same underlying problem, time and time again...
If anyone can anonymously join the mail-sending club and send some
email [until bad reputation precludes such], and achieving bad
reputation results has no real-world implications, and a new
network persona (e.g. domain name) is always available, then the
problem could be considered intractable by initial conditions –
and no amount of anti-spam protocols (no matter how brilliantly
designed and engineered) should be expected to durably address the
problem.
(It might, however, be interesting to do a regression analysis on
the spam mitigation protocol introduction dates – it’d be
interesting to know if the expected number protocols that will
need proper setup in 10, 20, 40 years…!)
That's why I wrote this:
https://rip-van-webble.blogspot.com/2020/12/are-mailing-lists-toast.html
Trust me, it wasn't for lack of trying on my part.
Mike
