On 4/2/22 4:05 PM, John Curran wrote:
On 2 Apr 2022, at 6:23 PM, Jeroen Massar via NANOG <nanog@nanog.org> wrote:
There are a lot of bits and bobs that one has to get right for mail to flow, amongst which:
- IP -> PTR lookup -> that hostname lookup, and match to IP again (https://en.wikipedia.org/wiki/Forward-confirmed_reverse_DNS) - SPF - DKIM - DMARC - ARC (for mailinglists) - SRS (When forwarding, rewrite the From and resign DKIM, and then ARC-sign that) - Decent TLS - MTA-STS
Jeroen -
It is indeed amazing how many protocols we can spin up to address the same underlying problem, time and time again...
If anyone can anonymously join the mail-sending club and send some email [until bad reputation precludes such], and achieving bad reputation results has no real-world implications, and a new network persona (e.g. domain name) is always available, then the problem could be considered intractable by initial conditions – and no amount of anti-spam protocols (no matter how brilliantly designed and engineered) should be expected to durably address the problem.
(It might, however, be interesting to do a regression analysis on the spam mitigation protocol introduction dates – it’d be interesting to know if the expected number protocols that will need proper setup in 10, 20, 40 years…!)
That's why I wrote this: https://rip-van-webble.blogspot.com/2020/12/are-mailing-lists-toast.html Trust me, it wasn't for lack of trying on my part. Mike