It must be unusual for an authentication protocol to specify in the RFC how to work around its own authentication mechanism.
"Domain administrators must not apply dmarc authentication to domains from which end users send mail that may be re-sent via lists or automatic forwarding." -- done. Then dmarc will be simple and reliable, and bank statements and similar messages are protected as intended. Building in a standard workaround significantly weakens the whole concept, doesn't it? -- Joseph Brennan Lead, Email and Systems Applications Columbia University Information Technology _______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
