Publishing ruf tag provides forensic reports that can include legitimate email not sent through the corporate infrastructure.
Each domain owner IT staff can decide if this is appropriate. For certain organizations it is very appropriate - registered broker dealers for example. For others it may not be. The great news is that each organization can make that decision based on their particular situation and we don't need the Internet community to make that decision for them. Our customers find forensic reports appropriate and invaluable. If you don't want them, you know what to do. Rather than debating the utility and appropriateness of forensic reports for all domains on the internet, my key question is: What changes should we make to dmarc.org, FAQ, spec or elsewhere to enable people to understand this option and what it means? pat On Apr 29, 2013, at 4:53 PM, Steve Atkins wrote: > > On Apr 29, 2013, at 1:40 PM, Franck Martin <[email protected]> wrote: > >> >> On Apr 29, 2013, at 1:34 PM, John R Levine <[email protected]> wrote: >> >>>>> For the institutional domains that are DMARC's main target, there's no >>>>> problem since there's no mail from individual users, but for domains >>>>> with people, and particularly domains where the people are not >>>>> employees of the domain operator, the privacy issues are worrying. >>>>> >>>> p=none is used on all kind of domains. >>>> >>>> Per the spec, the sending of a failure report is not tied to any p=, only >>>> that the email fails dmarc. >>> >>> Quite right. For anyone with live users in their mail domains, ruf= >>> provides the system admin ability to snoop on mail that he should never >>> have seen. >>> >> I think this statement is overreaching, you have not yet demonstrated that >> the system admin would have access to emails he would not been able to >> obtain via other means. > > If I send mail from my ISPs smarthost, using my corporate email address, to a > deliverable recipient, how would my corporate postmaster have access to that > email? > > Cheers, > Steve > > > _______________________________________________ > dmarc-discuss mailing list > [email protected] > http://www.dmarc.org/mailman/listinfo/dmarc-discuss > > NOTE: Participating in this list means you agree to the DMARC Note Well terms > (http://www.dmarc.org/note_well.html) _______________________________________________ dmarc-discuss mailing list [email protected] http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)
