Scott Kitterman wrote: > To > the extent ARC is useful to mitigate the DMARC mailing list issue, it's only > useful with additional data inputs that are not public and are not feasible > for small providers to generate on their own.
I meant to ask earlier: would you level the same criticism at SMTP, given that running a useful mail-receiving-server without a solid DNSBL is now more-or-less infeasible? Does the fact that Spamhaus is already available free of charge to all of the small guys change this analysis? Perhaps the fact that SMTP was developed at a time that abuse was not widespread gives it a free pass on this front? Presumably you don't argue that, *because* we're already in a high-abuse environment we should therefore cease collaboration on any class of solution which happens to require more data than is either: (a) feasible for small guys to process usefully, or (b) available to small guys at all? Would the public availability from a trustworthy source of data that makes it possible to use ARC to decide when to override DMARC policies[1] change your position? - Roland 1: I *don't* believe that this would take the form of a whitelist. It's more like the ability to recognise changes in baseline behaviour by forwarders who may or may not be ARC signing. I suspect that John Levine's concerns about whitelists have some strength. _______________________________________________ dmarc-discuss mailing list [email protected] http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)
