Hector Santos writes: > How about the MLM receiver, will it filter the fraud?
Why wouldn't it? All do (at least, anybody who hopes to deliver to the large providers does). > Will it remove the restrictive domains that do not want any 3rd > party resigners? No. Such domains simply don't participate in delegation protocols. If, furthermore, they want to restrict their users from posting, they should do so. I suppose domains participating in the DMARC protocol have the information needed to detect violations by their users. MLs don't have that information. In any case, AFAICT, the p=reject domains that originate 99% of list posts covered by p=reject are not restrictive in that sense -- they do permit their users to post, and are pleased when their users' posts are distributed by mailing lists. > Will you respect and honor the exclusive, restrictive policies? If you mean rejecting when p=reject and From alignment fails at receipt, yes. If you mean guessing what the Author Domain intends on resent mail where behavior is not specified by protocol, that's up to the ML admin. I expect almost all will engage in mitigation rather than preemptively reject. Again, it's the Author Domain's responsibility to set policy for its users, and DMARC participating Author Domains do have the information needed to enforce such policy, I suppose. The ML does not. > > Implementation is hardly high cost. > > "Sez you" Sure, but I also explained what I think the required resources are. If you think that's costly, well, "YMMV" always applies to such opinions. > > Large domains can generally afford the cost of revising their > > custom MTAs. > > That doesn't mean will they alter their code especially when don't > have to address the resigner issue. t also doesn't mean they won't. But if there is no protocol for resigning, we can be sure they won't. Steve _______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
