OK, I will talk real. Message rewriting is a privileged function, because it can be misused. Privileges require trust and trust requires a trusted identity.
In this context, the privilege has to be granted by the evaluator, and the list has to know that the evaluator has granted that privilege. You have two options: - use only the list organization identity, so that the evaluation is based on the list identity, OR - register with the evaluator, so that you are granted privileged status to use other organization identities, and know that you have been granted privileged status. ARC fails on exactly this point. ARC only works if the evaluator examines ARC and the List knows that the evaluator will use ARC to allow list messages. Without that knowledge, the list has to assume an absence of trust and use a fallback method of sender rewrite. When 60% of the world implements ARC, we will still need 100% From-munging, unless there is out-of-band communication between the evaluator and the list. Doug On Thu, Oct 7, 2021 at 5:06 AM Alessandro Vesely <[email protected]> wrote: > On Thu 07/Oct/2021 00:32:30 +0200 Douglas Foster wrote: > > I can define three ways that a list can be reliably identified. > > The list bounce address is known to the evaluator, and: > > - The list bounce address is known to the evaluator and the message is > DKIM-signed by the list bounce address. > > - The list bounce address is known to the evaluator, is the message's > MailFrom address, and the message produces SPF PASS. > > - The list's server identities are known to the evaluator, and can be > verified by IP address and/or Forward-confirmed DNS. > > > How come a list is known to the evaluator? I don't want to go hunting > each and > every mailing list I ever subscribed to, let alone pester my users for > doing so > in turn. > > For wet dreams, I did outline a three-way opt-in whereby servers become > aware > when their users subscribe to mailing lists... Let's talk real. > > > Best > Ale > -- > > > > > > > > > _______________________________________________ > dmarc mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/dmarc >
_______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
