Douglas, > Sorry about being slow to respond. I am working on a document that > should permit Author-Domains a means to assert exceptions permitted > for specific authenticated domains (based on their review of DMARC > feedback as a means to permit actual user behaviors.). This is > information recipients simply do not have and represents something > that only the Author-Domain should be making.
I doubt I'm fully understanding your proposal, but it sounds like another cut at closing the trust gap by pushing authentication from the sender (author-domain).
But it doesn't seem reasonable to me, as a user of brand R ESP and subscriber to a brand Y list, that the various author domains of the other list members' brand A, B, C, ... ESPs should determine whether or not I can receive those members' messages. Why is it that you assert that only the Author-Domain should be making those decisions?
I don't get what information in the DMARC feedback could possibly be of value in this circumstance - all that tells the author domain is what decisions my (and other) ESPs made with regard to the message. The DMARC feedback tells them nothing about how much I value that message content - especially in those cases where I never get to see the content due to my ESP's decisions.
In fact, looked at the other way around, from the point of view of the message list contributor (author), it sounds like you are giving his/her ESP veto power over which mailing lists he/she can participate in, by the ESP's choice of which list domains to permit.
I think this speaks to a fundamental distinction between the kind of email traffic DMARC was designed to facilitate, versus email list traffic. The canonical DMARC message is one the author wishes to push to the recipient. The canonical list message is one the author wants to push to the list service, but from there the forwarded messages are much less the concern of the author, and much more the concern of each recipient member of the list.
That's why in terms of closing the trust gap, I think the extension should be from me the recipient saying "I signed up for that list, I trust it's judgment about message quality". The list is acting as my receiving agent.
Having the author domain trying to decide which of the thousands (tens of thousands?) of list domains should be granted permission sounds like a recipe for endless user frustration.
At least with the idea of each receiving ESP running its own whitelist of lists, they have direct access to the receiving user's judgments as expressed by "Spam" and "Not Spam" as a kind of crowdsourcing for the quality metric - assuming first that they pass the messages to at least the Spam folder even in the face of a p=reject author domain.
My idea is not much different, I simply dispense with the overall whitelist of lists and make that a per user list.
-- Shal _______________________________________________ dmarc-discuss mailing list [email protected] http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)
