Vlatko Salaj writes: > so, what i am proposing is changing adkim and aspf DMARC tags so > they become: > > a comma-separated list of "alignment-strength:domain" pairs, in which
OK, I understand now. This probably doesn't solve the mailing list problem, especially since you'll run into the UDP size limit real fast (your protocol will use a *lot* of octets for domain names), and I doubt domains with a lot of wear and tear on their nameservers will be happy about using TCP (my employer's nameservers don't accept TCP queries from me, at least). > > Unfortunately, AFAICS it doesn't address my needs (ie, MLMs), so I > > doubt I will be able to find time to work through it and figure out > > what you're suggesting in concrete terms. > > on small scales, like 1-15 ML-domains, it can address those needs > too. 1-15 MLs? I subscribe to about 30. I think this is only going to be useful for personal domains with 1-3 users, and even then there will be many the way overtretch the practical bounds. > in respect to DMARC policy, author-domain should have control > over who posts email on its behalf. that was my point. But in reality it does not and never will. It can't stop posting from hosts outside of its control at all. It can ask other domains to help enforce its policy when they receive such messages, but they may not. For a benign example, consider a honeypot feeding data about mail abuse to a research project or a machine learning algorithm. > receivers should have nothing to do with that, no guesswork, in > respect to DMARC, but they r forced to do it now, going even as far > to process "p=reject" as "p=quarantine". Nobody is *forced* to do any such thing. Eg, Gmail *chooses* to treat "p=reject" as advisory, we know that *some* messages that should be rejected according to DMARC do get through to the recipient (at least to the spam folder). They do this not because they hate Yahoo!, but because they think that is what will please their users without doing Gmail any hard. *This is as it should be.* Other domains silently discard (my personal domain, which no longer has any yahoo users among senders it wants to hear from), and I know a few ML operators who have seriously considered doing the same even though they do have posters from Yahoo! or AOL. > yeah, well i don't define trivial and easy like that. and i doubt > any ESP will introduce something like that. Once again, you are not paying attention. Franck Martin testifies that he knows of many ESPs willing to make necessary adjustments, and who are already doing so. _______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
