Message sender can expect message content is only stored in sender's and recipient's mailboxes after delivery. If deleted by both sender and recipient, this message is not longer exists and it's content can not be recovered.
In this scenario, (partial) message content can be stored in DMARC forensic subsystem unknowingly to user, it may violate user's privacy expectations and/or rights, depending on local legislation. 26.01.2019 14:37, Дилян Палаузов пишет: > Hello, > > for a smooth working DMARC DKIM signers and verifiers must be > interoperatable. When a server DKIM-signs a message and > sends it to another server without intermediates, the latter shall be able > verify the signature. Imagine, the DKIM > validation fails and the ruf= dmarc report email address points to the > sending server. > > What are the privacy concerns in this simple scenario that speak against > sending a DMARC/DKIM report to sending server, > telling that the DKIM validation fails? > > https://tools.ietf.org/html/rfc7489#section-9 mentions some privacy thoughts, > but these are not applicable when the > sending server obviously has already the reported message and no > intermediates are involved, that could expose > additional information. > > Regards > Дилян > > _______________________________________________ > dmarc mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/dmarc -- Vladimir Dubrovin @Mail.Ru _______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
