On 12/30/20 7:40 AM, Todd Herr wrote:
I already said there is a thunderbird extension called dkim-verify
that does exactly that. It says "DMARC: fail". That is highly
misleading to the user.
I see.
I wrote "MDAs and local clients (web and mobile) at the mailbox
provider", and I was referring to things such as Gmail's web client,
Gmail's mobile client, etc.
You are talking about an extension for Thunderbird, which is different
from what I'm talking about.
Thank you for the clarification.
This would be a problem for any MUA. That's the point. It's not
different, it's the exact same problem for every MUA. There is no
normative mechanism that gives anything downstream from the DMARC check
producing the auth-res to be able to use that information correctly. And
we sure don't want billions of MUA's doing DMARC checks on their own
because of the inadequacy of auth-res. There is code in that extension
to do exactly that. If that were widespread, it would be disastrous.
Mike
_______________________________________________
dmarc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dmarc
