On Fri, Dec 23, 2016 at 9:08 AM, John R Levine <[email protected]> wrote:
> Maybe it is time to rethink this, or open a more official dialogue. I >> understand folks don't want to send reports. I understand the privacy >> issue. However, without these reports, or at least *some* information >> sent >> regarding the unaligned emails, we are at an impasse to migrating to a >> 'reject'. >> > > Nothing you can say will make people send you reports if they're not > already inclined to send reports. To put it bluntly, your problems are not > their problems. > The intent of this thread is not to make folks send reports, it is to change the thinking about sending reports through dialogue/education/conversation. Your statement "your problems are not their problems" is contradictory to the entire premise of promoting DMARC as a solution to the problems of forged emails. Is this not a community effort? Are we not to think continually on how we can improve upon the process instead of putting our heals in the ground stating "its not my problem"? > > The aggregate reports they do send include the IP addresses of hosts > sending mail that fails SPF or DKIM, and I've usually found it pretty easy > to figure out whether it's just spam, a mailing list, or something else > legit. You've found it easy to determine the validity of unaligned emails coming from legitimate senders? I've found it very difficult especially when the sender is not technically adept on DMARC/emailing, or if they are, dealing with the bureaucracy. > > > For certain environments (e.g. financial), we cannot reject *any* >> legitimate emails and therefore require verification of all emails that are >> rejected. >> > > Since there is no possible way that DMARC can describe all legitimate > e-mail, you'll never be able to reject anything. I wouldn't want the job > of doing your organization's spam filtering. > Spam filtering provides logging and email data for easy verification unlike current DMARC receiver preferences. If a user indicates that they should be receiving emails, at least with spam filters, the logs can be reviewed to determine whether their inquiry is on our end or not. > > Regards, > John Levine, [email protected], Taughannock Networks, Trumansburg NY > "I dropped the toothpaste", said Tom, crestfallenly. >
_______________________________________________ dmarc-discuss mailing list [email protected] http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)
