On 7/8/12 9:08 PM, Murray Kucherawy wrote:
> On 7/6/12 7:27 PM, "[email protected]"
> <[email protected]> wrote:
> 
>>> Given that:
>>> 
>>> * Whitelisting mailing lists is really the only way to get
>>> DMARC to work with messages forwarded by lists.
>> 
>> I don't agree with the premise that this is something about which
>> we need to be concerned on this project.  Who gets phished via
>> mailing lists?
>> 
>> #Chris's reply#
>> I want to put this to rest as much as you do. What is the expected
>> behavior for lists that are established versus ones that are new and
>> unlisted to all receivers? This is how a spammer could pose as a list
>> and I see it as relevant.
>> 
> 
> How would a receiver distinguish between an established list versus
> one that is new versus one that is unlisted?
> 


AFAIK, the mechanics of identifying and whitelisting mailing lists are up to 
each ADMD.  One could simply aggregate the list in a local CSV file, or a more 
preferable option is that an RBL-like DNS server issue TXT records for each 
domain, letting us know if it is a mailing list. 

This mailing list RBL could be an extension to an existing SPAMHAUS, or may be 
dedicated to this purpose. 

The TXT response could also list information such as "date added" so that 
clients can assign an appropriate amount of trust to that assertion. (e.g. 
Trust the assertion that a given IP is a mailing list or a potential new 
spammer) 

I think it would be beneficial to cross check the information in this mailing 
list IP database against what is in the whitelist DB.  The outliers of each 
repository will enhance or diminish the trust given to an IP.  

> What would a spammer posing as a list gain him or her?

If a spammer were to become trusted via the whitelisting process previously 
mentioned (or any alternative), then that would be a risk to the goal that 
DMARC is trying to solve.  In other words it would permit spoofing of the FROM 
address via the exemption process. 

Therefore, DMARC is only as robust as the exception process created for 
handling mailing lists. 




Sent via BlackBerry from T-Mobile

_______________________________________________
dmarc-discuss mailing list
[email protected]
http://www.dmarc.org/mailman/listinfo/dmarc-discuss

NOTE: Participating in this list means you agree to the DMARC Note Well terms 
(http://www.dmarc.org/note_well.html)
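
Added example, not part of the original message: a sketch of how a receiver could combine the "date added" from a mailing-list RBL TXT answer with its own whitelist before granting a DMARC exemption. The "ml=1; added=YYYY-MM-DD" record syntax, the 180-day threshold, the sample domains and the function names are all assumptions; the post defines no record format.

```python
from datetime import date

# Constructed sample data: TXT answers a hypothetical mailing-list RBL zone
# might return, keyed by the queried domain. The record syntax is an
# assumption made for this example only.
SAMPLE_TXT = {
    "lists.example.org": "ml=1; added=2009-03-14",
    "new-list.example.net": "ml=1; added=2012-07-01",
    "garbled.example.com": "ml=1; added=soon",
}
LOCAL_WHITELIST = {"lists.example.org", "legacy.example.edu"}  # constructed
MIN_AGE_DAYS = 180  # assumed minimum listing age before the RBL is trusted


def parse_txt(txt):
    """Return the 'date added' if the record asserts a mailing list, else None."""
    fields = {}
    for part in txt.split(";"):
        key, sep, value = part.strip().partition("=")
        if sep:
            fields[key.lower()] = value.strip()
    if fields.get("ml") != "1":
        return None
    try:
        return date.fromisoformat(fields.get("added", ""))
    except ValueError:
        return None  # missing or malformed date: treat as no assertion


def exemption_decision(domain, today, txt_records=SAMPLE_TXT, whitelist=LOCAL_WHITELIST):
    """Cross-check the RBL assertion against the local whitelist."""
    txt = txt_records.get(domain)
    added = parse_txt(txt) if txt else None
    aged = added is not None and (today - added).days >= MIN_AGE_DAYS
    in_whitelist = domain in whitelist
    if aged and in_whitelist:
        return "exempt"   # both sources agree: relax DMARC for this list
    if aged or in_whitelist:
        return "review"   # outlier: only one source vouches for it
    return "enforce"      # new, unlisted or unparseable: apply DMARC policy
```

A listing that is only days old never reaches "exempt" here, so a sender that has just registered itself as a list gains no exemption from the FROM-address check.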
