On Thu, Jun 19, 2014 at 12:36 PM, Douglas Otis <doug.mtv...@gmail.com> wrote:
> Our company has had extensive experience dealing with email spoofing. > While reputation is able to deal with bulk spamming, it is ineffective at > dealing with a phishing problem, the intent behind DMARC. It is a basic > information issue. Those offering a reputation for a domain have no way to > judge which of their identifiers are being spoofed for messages handled by > third-parties. Only the spoofed domain can be considered authoritative. > To suggest otherwise implies the sharing of PII, which is not acceptable > in many regions. > DKIM coupled with reputation can only tell you if a given message was handled by a source with a good reputation. It doesn't evaluate any visible identifiers. I don't really understand the rest of what you're talking about here. -MSK
_______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc