On 12/15/20 8:01 AM, Todd Herr wrote:
I'm not sure there's anything actionable about DMARC's policy values.
you mean p=quarantine, or p=* in general?
Obviously indirect mail flows, such as mailing lists and forwarding,
complicate matters greatly here, as the handling by the intermediary
host(s) can and will lead to a higher percentage of authentication
failures. The community has attempted to mitigate this problem;
RFC5322.From header rewriting, RFC5321.From header rewriting (e.g.,
SRS), and ARC are among the attempts put forth so far, but none have
been deemed The Solution(tm) yet. In my opinion, ARC has promise,
because if a message reaches me as a receiver or even intermediary and
fails the authentication checks I perform, ARC header sets in the
message can tell me whether or not such checks passed at previous hops
*if I trust the entities that inserted those ARC header sets*. In an
earlier thread, I floated an idea about ARC sealer reputation, but it
didn't draw much response, so I'll float it here again in the hopes
that it does.
We've always been able to check the reputation of lists that resign the
message. The reputation is the previously (un)solved problem.
Mike
_______________________________________________
dmarc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dmarc
_______________________________________________
dmarc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dmarc
