On Wed 01/Jun/2022 05:14:22 +0200 Douglas Foster wrote:
As John observed, there is no way to provide outbound authentication for
these addresses, because authentication is based on domain name (and
changing that would take 100 years to deploy.) [email protected] and
[email protected] are likely to be using different message sending systems.
Why? Smith.name has the same mx servers as bustos.name. They could have the
same mailouts as well.
David's mail arrives through messagingengine.com (Fastmail) which provides the
webmail and also puts a DKIM signature, with d=messagingengine.com.
Who chose Fastmail as mail service provider?
The point of domain level authentication, stressed by DMARC by requiring
alignment, is that hosting domains provide mail servers for both incoming and
outgoing messages. The old habit of sending out mail through ISPs had to be
abandoned. If Fastmail was contracted by Verisign to send mail for *.name
users, they could virtualize their service as well.
Best
Ale
--
_______________________________________________
dmarc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dmarc
