In article <[email protected]> you write: >Which still leaves the question of what the value proposition is since >if you trust the source, what more does ARC really do (I suspect that >the answer is more tokens to run through your bayesian or whatever >filter)?
When I asked that a while ago I got a quite reasonable response. Mailing lists do a lousy job of spam filtering, often only checking that the From: address is a subscriber, and it is quite common for a legit list to start leaking or even gushing spam. I've often seen it when someone's address book gets stolen, spammers start taking (from, to) from) pairs from the address book, and one of the pairs happens to be (another subscriber, list). ARC lets the recipient look back and retroactively do the filtering the list didn't. As a concrete example, I find that it is extremely rare for legit mail coming into a list to be DMARC unaligned (as opposed to mail coming out of the list) so if you can look back at the ARC chain and demote mail which failed DMARC coming in, you will catch a lot of spam without a lot of mistakes. R's, John _______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
