> -----Original Message----- > From: [email protected] [mailto:dmarc-discuss- > [email protected]] On Behalf Of Al Iverson > Sent: Thursday, March 28, 2013 5:37 PM > To: [email protected] > Subject: Re: [dmarc-discuss] Will DMARC make it hard for outsourced > marketing mail operations? > > On Thu, Mar 28, 2013 at 4:18 PM, J. Gomez <[email protected]> wrote: > > Will DMARC make it hard for outsourced marketing mail operations? > > > > I just got this email (which is not spam, I subscribed to this marketing > material) in which RFC5321.MailFrom and RFC5322.From are obviously not in > allignment, which is understandable as the sending party (the outsourced > marketing company) will want to handle themselves the bounces for that > email campaign, but nontheless the RFC5322.From address has to be a > subdomain of microsoft.com to give it "authenticity" in the eyes of the final > recipient as it's the RFC5322.From address what the recipient's MUA will > display to the user. > > Hard? From a technical perspective, no. There are other challenges, though. > - DMARC is new, not everybody knows about it or is prepared to, or > knowledgeable enough to implement it. > - The outsource provider (hi!) is typically dealing with (only) marketing > people at the client. This is not the DMARC-savvy department. It's hard to > make the case to the marketing people from outside. What works better is > that the security people inside the client organization drive it home > sideways, > then we help to implement it. > - Adjusting the configuration on the outsource provider side isn't hard. But > the client is in the driver's seat, not the provider. The client would need to > choose to put some proper bits in DNS to allow a DKIM signature that > properly aligns with the PRA, then request that the provider update this > configuration. > > Cheers, > Al Iverson >
Al, The concept of PRA only exists in Sender-ID - which is of course deprecated. Mike _______________________________________________ dmarc-discuss mailing list [email protected] http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)
