On Tue 07/Jul/2020 18:27:40 +0200 John R Levine wrote:
There's a distinction though. ARC tells you "that guy over there said the
original message passed", and you have to trust it. On the other hand, the
transformations draft, when it works, hands you the original message, and
you don't have to make that trust assessment.
I understand that, and I still don't see why it's useful.
It would allow me, for one, to honor remote DMARC policies. Of course, I'd
still need to manually whitelist non compliant MLMs. However, when the number
of those drops below a reasonable figure, whitelisting might become feasible.
It's hard to imagine a realistic situation where a recipient system would
strip off the changes and show the original message, so the recipient has to
trust that the mediator doesn't make malicious transformations.
Agreed. Undoing the changes has to be done on a temporary file, solely for
verification purposes. Undoing the changes would be illegal, if the footer
contains legal claims.
So if you trust them that far, why wouldn't you also trust them to report
the status of incoming mail?
I cannot trust ARC operators, unless I manually compile a trusted list, which
is as unfeasible as whitelisting each MLM.
I trust the original message as any other message. Allowed transformations are
designed to not pervert the original message. Consider my notes 1 and 2 about
l=, in a message upthread[*]. We can also specify limits on the size of
subject tags and footers. Transformations that insert stuff before the
original content should not be allowed —rewrite From: in such cases.
Best
Ale
--
[*] https://mailarchive.ietf.org/arch/msg/dmarc/oSX41FBGRGO_vP_4Qcd-rzIkWiI
_______________________________________________
dmarc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dmarc
