> On 16 Aug 2020, at 19:16, John R Levine <jo...@taugh.com> wrote: > > On Sun, 16 Aug 2020, Alessandro Vesely wrote: >>>>> If I put my gmail address into the from field, there is no pretending, no >>>>> matter what platform I am using. >>>> That conflicts with the coarse-grained authentication strategy, >>>> established at the FTC Email Authentication Summit in November >>>> 2004, as Doug^W Michael recalled. > >>> 1. I was making a semantic point, not a technical or technical policy one. >> >> They have to match at some point. > > Sorry, that's just wrong. There's no technical reason a mail message can't > have any identifiers the sender wants. > >>> 2. There was nothing 'established' at that event. There were interesting >>> discussions, but that's all. >> >> I wasn't there. Can't it be considered the historic event that marked >> domain-level authentication as the promising strategy to counter email abuse? > > No, it was just some political theatre. We were already working on SPF and > DKIM.
I don’t remember much focus on domain-level authentication at the event. Authentication was one small piece of the discussion but not even a focus. My recollection is that the 3 days were mostly about scoping the spam problem, not solving it. The forum page is off the FTC website, but the document links are still accessible: https://www.ftc.gov/sites/default/files/documents/public_events/ftc-spam-forum/transcript_day1.pdf <https://www.ftc.gov/sites/default/files/documents/public_events/ftc-spam-forum/transcript_day1.pdf> https://www.ftc.gov/sites/default/files/documents/public_events/ftc-spam-forum/transcript_day2.pdf <https://www.ftc.gov/sites/default/files/documents/public_events/ftc-spam-forum/transcript_day2.pdf> https://www.ftc.gov/sites/default/files/documents/public_events/ftc-spam-forum/transcript_day3.pdf <https://www.ftc.gov/sites/default/files/documents/public_events/ftc-spam-forum/transcript_day3.pdf> >> DMARC took that strategy to the extremes. A number of users and operators >> seem to have accepted it. Why cannot we accept it too? > > Please review the previous bazillion messages on this topic. There’s a difference between accepting it and working around the damage it causes to let users continue to use mailing lists. Consumer mailbox providers deciding their users couldn’t participate in mailing lists was and is a problem. Companies preventing their employees from participating in work related forums was and is a problem. laura -- Having an Email Crisis? We can help! 800 823-9674 Laura Atkins Word to the Wise la...@wordtothewise.com (650) 437-0741 Email Delivery Blog: https://wordtothewise.com/blog
_______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc