On Thursday, May 08, 2014 6:21 PM [GMT+1=CET], John Levine wrote: > > > The tag "l=" would not be required. Its absence would formally > > > equal "l=dunno", which meaning is explicitly undefined. > > > > > > The absence of "l=" is not equal to "l=no". The presence of > > > "l=no" shows to the Receivers at large that the Sender is aware > > > of DMARC's failure case with mailing lists, and that he as a > > > Sender is not affected by such a problem. > > Could someone describe a plausible scenario in which this hack is more > useful than a simple whitelist of senders for whom you skip DMARC > checks?
Why talk about "useful" only? Let's talk about "easier to deploy" and "easier to go with", as any Sender could use the "l=" tag to express their particular situation by themselves to all Receivers at large, without having to go through any bureaucratic processes with some Mailing List Certification Authority (owned by Symantec, perhaps?). Anyway, the "l=" tag could perfectly cohabit with a public service for mailing list whitelisting, it's just that the "l=" tag would make such a service unnecessary when the sender publishes a DMARC policy of "p=reject;l=no". In other DMARC cases, a public service for mailing list whitelisting would indeed be a very nice thing to have. > Spammers can pretend to be lists, so you can't blindly trust that > anything > with a List-ID or whatever is a list, and you need the whitelist > anyway. Yes. What does Gmail do to detect mailing list activity even when DMARC checks fail for p=reject domains? Regards, J.Gomez _______________________________________________ dmarc-discuss mailing list [email protected] http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)
