Hi, Our CTO, Anders Berggren, just recently blogged about mailing list and different aspect what to do, specially considerations with forensic reports. We've seen some major hosting companies that send forensic reports and exposing user's behalf, leaking information.
Perhaps this could be valuable for security perspective as well: http://www.halonsecurity.com/blogs/considerations-regarding-dmarc-forensic-reports/ Best Regards, Jonas Falck HALON SECURITY INC 100 Montgomery Street, Suite 1080 San Francisco, CA 94104, USA Phone: +1.415.835.3030 Cell: +1.650.445.9076 [email protected] www.halonsecurity.com On 20 Dec 2013, at 11:35, John R Levine <[email protected]> wrote: >>> The correct policy is p=none. > >> Considering that mailing lists are only about 10% of legitimate email >> traffic and if your humans do not rely on mailing lists, then you will be >> fine with DMARC and humans. > > Unfortunately, Franck is just wrong here. If you subscribe to a mailing list > and publish a policy other than p=none, you will screw up the list for other > subscribers. > > I expect that out of self-defense lists will have to add patches to reject > mail from anyone with DMARC policies. > > Regards, > John Levine, [email protected], Taughannock Networks, Trumansburg NY > Please consider the environment before reading this e-mail. > _______________________________________________ > dmarc-discuss mailing list > [email protected] > http://www.dmarc.org/mailman/listinfo/dmarc-discuss > > NOTE: Participating in this list means you agree to the DMARC Note Well terms > (http://www.dmarc.org/note_well.html) _______________________________________________ dmarc-discuss mailing list [email protected] http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)
