Not sure who wrote this anymore:
At one time I suggested adding a feature to list domains that could be considered "in alignment" with yours. So if a domain owner wanted to authorize an email service provider, they could just add something to their DMARC policy to specify the domain the ESP uses for SPF/MailFrom and/or DKIM signing. I am still curious what's wrong with this proposal. It seems to me to cover Vlatko Salaj's use case, and would certainly be easier to implement than arranging to share a DKIM key.
That seems like it would only work if one is designating only one, or a small number of ESPs. It doesn't seem to address the mailing list case - Yahoo's subscribers, en masse, belong to a huge number of lists, hosted all over the place. Which scales about as poorly as SPF (if you do mailing lists, you end up back at v= +all.
So we're back to managing whitelists. -- In theory, there is no difference between theory and practice. In practice, there is. .... Yogi Berra _______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
