>The OAR isn't necessary for a DMARC "compliant" MLM which would know to >make sure the message passed DMARC as sent by following one of the >mitigation strategies (don't munge the message, munge the from, embed the >message as an attachment, etc). It seems necessary for any whitelisting >scheme, however, otherwise an "anyone can post" mailing list on a host >which doesn't enforce DMARC is a wide-open hole.
But any list that doesn't limit who can post is a wide open hole anyway. I don't think there are very many, and don't much care what happens to them. The only one I subscribe to is freebsd-users, whose managers apparently believe that limiting who can post is pointless because the spammers care enough to find the list and subscribe. R's, John _______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
