On 01/06/18 17:04, Alessandro Vesely via dmarc-discuss wrote:
I see. As a small receiver, I didn't even think about comparing different forwarders of the same senders. In my case, such coincidences only cover a handful of trusted mailing lists. Your argument further confirms how ARC better suits large receivers.
Not quite: * It confirms that mapping who to trust requires both access to and the ability to process a view of a large subset of the world's mail-servers. This is comparable to the work of cartographers in the physical world: you *could* drive from one end of a continent to the other without ever examining a map (or roadside signs prepared by people who had examined maps), but it would be very, very difficult. * It confirms that rational use of ARC by small receivers will require help from "cartographers", whereas big receivers are large enough to have their own. This sounds bad, but note that this is already true for SMTP anyway. Yes, you can deploy a mail-server at will, but securing it without the use of reputation data (typically a DNSBL) will be somewhere between very difficult and actually infeasible. Few people attempt this in practice. My guess is that if ARC turns out to be useful, then the reputation data required for small receivers to make good use of it will be readily available.
Thank you for a nice discussion
Likewise! - Roland
_______________________________________________ dmarc-discuss mailing list dmarc-discuss@dmarc.org http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)
