Hi Terry,
At 11:27 24-04-2014, Terry Zink wrote:
1. DKIM has much more prevalence in 2014 than it did in 2006, so
requiring it today isn't as big an obstacle.
2. DKIM doesn't tie the d= signature field to the 5322.From:
address. So, you can DKIM-sign all you want and add authorized third
party signatures all you want. But if the From: address is different
than what was authenticated, then the end user won't understand the difference.
3. DMARC is basically an anti-phishing technology, whereas while
DKIM + ADSP can do that, it doesn't do it as well. It's less
intuitive to end users. And because DMARC is better
I don't recall the time line as it's been a long time. ADSP tied the
5322.From address to the "d=" tag. ADSP was controversial (re.
discussions about lost of mail, etc.). Mail usage is not as
prevalent as before. The loss of mail might be considered as
acceptable nowadays. There's also the "cybersecurity" [1] angle.
Regards,
S. Moonesamy
1.
http://www.spiegel.de/international/europe/british-spy-agency-gchq-hacked-belgian-telecoms-firm-a-923406.html
_______________________________________________
dmarc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dmarc
