On Sat 15/Aug/2020 11:02:06 +0200 Murray S. Kucherawy wrote:
On Sat, Aug 15, 2020 at 12:47 AM Alessandro Vesely <[email protected]> wrote:
[...]
Syllogism goes like so: Mailing list must not accept strict DMARC
policies, humans may happen to use mailing lists, therefore email
domains which hosts mailboxes used by humans must not publish strict
DMARC policies. Is that really what we seek? I hope not.
It is our current reality, and in my humble opinion, we've nobody to blame
but ourselves.
The workarounds we have on the table, to standardize From: rewriting
possibly copying the original From: value to some other field
(Author:, To:, Reply-To:), to verify DKIM modulo transformations, and
to accept a tunable set of Sender:'s do have the potential to smooth
enough harshness and thereby avoid that cans which invalidate
themselves mess up the store and ruin nearby products, don't they?
The first one of them has already proved its effectiveness. If X
pretends to be Y, it must do so in a verifiable, uncloakable way. How
processes which rely on the cloak can still believe it has to be
worked out case by case. The more alternatives we provide, the more
likely one of them can suit a given case.
Best
Ale
--
_______________________________________________
dmarc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dmarc
