Marvin Gülker writes:
However, I thought the entire point in ARC was fixing automatic rejections caused by DMARC invalidation by mailing lists, which are vital for so many open-source projects (including Mailman iself).
Yes. s/fixing/making it possible to fix/ and s/mailing lists/indirect mail/ (the REALLY big losers in April 2014 were small businesses which had a large percentage of their invoices become undeliverable).
That doesn't help you one bit with your "rejection with no reason" problem, though. It helps you with one specific reason (DMARC p=reject).
If ARC falls short of solving that problem, because the large providers do not automatically trust ARC, then supporting ARC on my mailing list server is kind of void. Why should almighty Microsoft trust my small personal mailing list server?
The answer to that is "why shouldn't they?"
I've never had a problem with any of the big services. There are reasons why some hosts might have problems due to no misbehavior of their own, and they wouldn't necessarily know about them either. But mostly the mail does go through.
If the mail itself gets through, I see no reason why they wouldn't trust your ARC fields, so you won't get DMARC rejections, as long as nobody downstream of you breaks your ARC signatures.
If you're seeing something different (ARC-authenticated messages getting rejected for DMARC alignment failure), let us know and I'll talk to a guy who knows this gal. My experience is good, the people I talk to are happy. If your experience is different, the ARC developers should know about it, otherwise we can't do anything about it.
ARC can only achieve its goal with black-listing untrusted relays rather than white-listing known good ones,
The goal of ARC is to keep users at p=reject sites happy. A lot of the people involved both at the IETF and at the DMARC Consortium are old-timers who are very sympathetic to mailing lists. But the day-to- day tuning of algorithms is targeted at users with mailboxes, not the lists that fill those mailboxes. Sad to say, users care more about spam (that's their provider's fault) than about mailing lists (which they assess as the mailing list's fault). Last I heard the Google folks and the IETF are very happy with ARC.
because it is simply unfeasable to manually maintain a list of all open-source project mailing lists in the entire world. I could set a new one up tomorrow, how should you know?
That's not how this works. All of these services use huge databases of spam, ham, hosts, and mailing lists, and apply machine-learning algorithms to that data to create classifiers. It may take them some time to tune them for ARC, but the principle is there's no black or white here, it's all grey.
Steve