Copyright © Arista 2017. All rights reserved.
DMARC and mailing list
Shishio Tsuchiya
shtsuchi@arista.com
Who am I?
• Shishio Tsuchiya
- 1997-2000: Ricoh
- 2000-2016: Cisco cisco.com
- 2017- : Arista arista.com
• Sr. Systems Engineer; contributes to the JANOG, APNIC and IETF communities
Arista
• Network equipment vendor focused on data center and cloud technology
• Most development engineers work in Santa Clara, but customer engineers and sales staff work from home, cafés and so on.
• We really use cloud services (Gmail, Google Calendar, Box, etc.).
• arista.com is our domain and brand name, and security is really important for us.
What has happened since 2017
My mail from shtsuchi@arista.com is suspected as spam… :( on janog.gr.jp
Reputation?
http://www.senderbase.org/lookup/?search_string=arista.com
Looks Clean!!
DMARC
“Domain-based Message Authentication, Reporting & Conformance”
• The receiver checks the sender information.
• If it does not match the From domain, the receiver asks for the sender organization's policy via DNS.
• The receiver also reports the DMARC execution result to the sender.
• Policies:
- Reject: drop
- Quarantine: Spam or Junk folder
- None: can read
How to check organization DMARC policy?
shtsuchi:/ shtsuchi$ nslookup
> set type=txt
> _dmarc.arista.com
Server: 172.22.22.40
Address:172.22.22.40#53
Non-authoritative answer:
_dmarc.arista.com text = "v=DMARC1; p=quarantine; sp=reject; pct=100; rua=mailto:mailauth-reports@arista.com; ruf=mailto:mailforen-reports@arista.com; fo=1"
Authoritative answers can be found from:
google.com, microsoft.com, yahoo.com and aol.com are already p=reject.
cisco.com is p=none.
At first our policy was p=none, but we changed the policy after a 1-year test period.
Mailing list issue
• arista.com policy options: Reject / Quarantine / None
• janog.gr.jp changes the sender and keeps the From address
• The receiver asks _dmarc.arista.com: p=quarantine
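Added example (not from the original slides): a small DMARC evaluator that parses the record shown in the nslookup output and applies it to a direct message and to the same message relayed by the list. The sample messages, the two-entry suffix table and the assumption that the list's edits invalidate the arista.com DKIM signature are constructed for illustration; a real receiver uses the full Public Suffix List.

```python
# Added example; sample messages are constructed, the record is the one on the slide.
RECORD = ("v=DMARC1; p=quarantine; sp=reject; pct=100; "
          "rua=mailto:mailauth-reports@arista.com; "
          "ruf=mailto:mailforen-reports@arista.com; fo=1")
SUFFIXES = ("gr.jp", "com")  # constructed stand-in for the Public Suffix List

def parse_dmarc(txt):
    """Split a DMARC TXT record into a tag -> value dict."""
    tags = {}
    for part in txt.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    if tags.get("v") != "DMARC1" or "p" not in tags:
        raise ValueError("not a usable DMARC record")
    return tags

def org_domain(domain):
    """Organizational domain: one label plus the public suffix."""
    d = domain.lower().rstrip(".")
    for suffix in SUFFIXES:
        if d.endswith("." + suffix):
            return d[: -len(suffix) - 1].split(".")[-1] + "." + suffix
    return d

def aligned(auth_domain, from_domain, mode):
    """Relaxed ('r') compares organizational domains, strict ('s') exact names."""
    if mode == "s":
        return auth_domain.lower() == from_domain.lower()
    return org_domain(auth_domain) == org_domain(from_domain)

def evaluate(from_domain, spf_domain, spf_pass, dkim_domain, dkim_pass, record=RECORD):
    """Return 'pass', or the policy the receiver is asked to apply on failure."""
    tags = parse_dmarc(record)
    spf_ok = spf_pass and aligned(spf_domain, from_domain, tags.get("aspf", "r"))
    dkim_ok = dkim_pass and aligned(dkim_domain, from_domain, tags.get("adkim", "r"))
    if spf_ok or dkim_ok:
        return "pass"
    is_subdomain = from_domain.lower() != org_domain(from_domain)
    return tags.get("sp", tags["p"]) if is_subdomain else tags["p"]

if __name__ == "__main__":
    # Direct delivery: SPF and DKIM both authenticate arista.com.
    print("direct:  ", evaluate("arista.com", "arista.com", True, "arista.com", True))
    # Via the list: envelope sender is now janog.gr.jp; DKIM assumed broken by list edits.
    print("via list:", evaluate("arista.com", "janog.gr.jp", True, "arista.com", False))
```

SPF still passes for the relayed copy, but for janog.gr.jp rather than the From domain, so it does not count toward DMARC and the receiver falls back to p=quarantine.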
Message to mailing list owner
• Please consider upgrading your mailing list software
• https://dmarc.org/wiki/FAQ#I_operate_a_mailing_list_and_I_want_to_interoperate_with_DMARC.2C_what_should_I_do.3F
• https://wiki.list.org/DEV/DMARC
• The IETF mailing list appears to be upgrading to 2.1.17, but this is still under discussion
• The NANOG mailing list is at 2.1.20 now
• The JANOG mailing list is considering an upgrade to 2.1.23+j3p3
• The APOPS mailing list is at 2.1.12 ….
www.arista.com
Thank You
