On 6/3/2019 4:29 PM, Douglas E. Foster wrote:
Our real goal needs to be mandatory sender authentication. Any secure email gateway must go through these steps:
1. By 'sender', which actor in the sequence do you mean? The term is highly ambiguous.
2. Your certitude presumes an empirical foundation, given how often good theory does not make good practice. People have been working in this space for a very long time and one might have expected the industry to have latched on such a simple requirement were it that clear it was /the/ essential requirement. Please document the basis for your certitude.
3. What made you think that 'sender' authentication is not already happening at a sufficient level? What is the basis for believing it isn't already being used by filtering agents well enough?
4. Consider the limitations to 'sender' authentication. d/ -- Dave Crocker Brandenburg InternetWorking bbiw.net _______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
