In article <CAJ4XoYfpGMUmkDkQYN0qZeNFi_xZjfR=99yvu0dglz-z19i...@mail.gmail.com> you write: >> "DISCUSS" shouldn't really be a joke. draft-crocker-dmarc-sender suffers >from a similar problem as PRA in the SenderId draft. There is no way to >validate that the specific intermediary is authorized by the (From) domain >originating the email through it's generic signalling that it >authorizes intermediaries. This means that any source can emit a message >claiming to be a legitimate intermediary just as any source could game PR >to gain a neutral result.
That's a feature, not a bug. I want recipients to be able to assess the mail my lists send on its own merits. >One could achieve similar outcomes using >only reputation and local policy override of DMARC policy. Only if you believe that the domain on the From: line is automatically more credible than the one on the Sender: line. The whole third party problem is that the people sending their mail through lists or whatever are in fact doing so legitimately, but for various reasons their organizations' DMARC policies lie and say they aren't. R's, John _______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
