On March 31, 2015 7:49:53 AM EDT, Hector Santos <[email protected]> wrote: >Don't quite get it, Scott. There is no DMARC record so the >transaction would be "DMARC indeterminate" -- no DKIM signing policy.
I think it's called none, but the point is that as a third party sender, their setup can't get entangled with customer first party sender setup which might have DMARC. >If it did have a DMARC record, in order for this transaction to DMARC >pass, it would require relaxed alignments for SPF and DKIM: > > adkim=r > aspf=r > >Correct? Which is the default. >subdomains has more inherent "trust" than having completely different >main domains. The problem of course, DMARC excludes this legitimate >3rd party signer possibility in its protocol. I've yet to see a proposal to include it which is both executable and doesn't defeat the purpose of DMARC. I agree it's a problem, but one that so far doesn't have an appropriate technical solution. Scott K _______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
