>2.5. How can you distinguish traffic that came from a mailing list from >traffic that came from a spammer but disguised it to look like list traffic >by doing one of the things Terry just listed? > >That one point is a showstopper for me.
Right. One of the axioms about mail authentication is that there is nothing you can say about yourself to raise your own reputation. You can only say two things: A. This is me. B. That isn't me. If you want you can subdivide A into the hard to forge varieties such as DKIM and SPF, and the easy to forge ones such as From: and List-ID:. The only wat to raise the reputation of mail is from credible second or third parties, e.g. reputation data in local spam filters, or external whitelists. No matter how many times people try to go around on this, the axioms aren't going to change. If you have an overly broad type B denunciation as from DMARC, the only way to fix it is either to make the denunciation less broad, which seems unlikely in this case, or override it. We've seen Gmail doing that already, downgrading AOL and Yahoo's p=reject to p=quarantine in their own filters. For the rest of the world whose filters aren't as sophisticated as Gmail's, a whitelist is the only approach I can see. R's, John _______________________________________________ dmarc-discuss mailing list [email protected] http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)
