On 6/12/2014 7:57 PM, Stephen J. Turnbull wrote:
Sure, but as soon as the spammers adapt and start spoofing lists, you
need to check the list's signature anyway.
And I don't think customers who sign up for a list will be happy with
losing mail for a month.
RECOMMENDATION:
In principle, the LSP SHOULD do be denying any new subscriptions from
restrictive domains.
If the LSP decides to have exceptions and ignore the restrictive
security policies, it MUST warn the user with a confirmation or
welcome notification message. It SHOULD also regulate subscription
attempts during the online initial subscription process, i.e, describe
what will happen, have a TOS, some "red" highlighters, etc. In all
cases, it MUST warn the users of any tampering will be taking place
with the authorship which may have a "scratch your head" negative
effect on readers of any 5322.From tampered mail. It should consider
documentation verbiage that explains the reason:
"This is not normal practice, and readers SHOULD NEVER
expect authorships to be display with any invalid
indicators. However, __{explain your reasons here for
the drastic exception}__."
--
HLS
_______________________________________________
dmarc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dmarc
