Hi Dilyan,

On Sun 04/Aug/2019 12:10:51 +0200 Дилян Палаузов wrote:
> The receiving server knows, which IP address sent the mail and it knows, to
> which IP addresses set the failure report will go. If there is a match in
> the IP addresses, then the receiving server knows that the one who will get
> the report is also the one, who has anyway access to the message.

That's not always true. For example, I know of mailbox providers who, on delivery, automatically encrypt cleartext messages to the public key of the recipients, including the Sent folder. Operators at that provider's aren't able to sniff message contents unless they're sent back on failure by receiving sites.

In general, users trust their mailbox providers also because of the policies they enact. Matching those policies with unwarranted disclosure of messages is not straightforward.

In addition, the most interesting reports are messages not coming from my IP. Scammers abusing my domain name use their own IPs. I see those failures in the aggregate reports, but don't know if the IPs mentioned there correspond to mailing lists or other legitimate forwarders, or even some ill-informed users of mine who send their mail through their ISPs. That's why I need failure reports. It would be enough if the aggregate reports contained an indication of the spamminess of those messages, or the reputation of those IPs.

Failure reports for messages originating from my IP are only useful for debugging. An activity which I can more easily do by using free mailboxes, as you said, or sites specifically dedicated to testing email.

Best
Ale
