On Wed, Jan 3, 2018 at 12:48 PM, John Levine <[email protected]> wrote: > > Seems to me this makes some assumptions about the way ARC consumers > will use ARC chains to decide whether to ignore a DMARC failure. > Personally, I think the most likely scenario is that they'll look at > all of the signers to see if they all are reasonably trustworthy, and > if so, look at the i=1 seal to see if the message would have passed > before being munged, and if so allow it. This requires having a giant > reputation database for every ARC signer, but that's not much of a > stretch beyond the reputation database you need to decide whether to > look at the ARC chain at all. >
Yes, but since the decision with ARC was to keep the additional trace information because it wasn't clear what was useful, to me this falls cleanly into this same bucket. I'll propose text for the Experimental Considerations section to outline this around arc.closest-fail so it can be appropriately watched.
_______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
