On Fri 21/Jul/2023 20:53:03 +0200 Jan Dušátko wrote:
Dne 21. 7. 2023 v 16:34 Murray S. Kucherawy napsal(a):
On Wed, Jul 19, 2023 at 6:31 PM Douglas Foster
<[email protected]> wrote:
My problem with your favorite line is that the domain owner's preference
is of no interest to my filtering decision, but the DMARC result is.
Since even before SPF, people have been looking for a silver bullet to stop
spam and phishing. [...]
Although SPF, DKIM, DMARC, and ARC are all intended to protect against SPAM, it
is not possible, as a matter of principle, to protect against such kind of
communications. They will only allow, to a certain extent, protection against
fake emails. But SPAM is junk mail, which includes official, albeit
unsolicited, communications from organizations that meet the requirements of
the technology.
Exactly. The silver bullet goal was exactly to force spammers to send their
junk with their own name and credentials. At that point, the narration goes,
it will be easy to obtain domain reputation or age.
That trend is already ongoing. There are even specialized registrars. For
example NameSilo offers discounts for customers who buy 5000+ (privacy
protected) domains[*].
To be precise, SPF, DKIM, DMARC, and ARC are intended to protect against spoof,
not against spam. Thereafter, the focus moves to registration data and
reputation, balancing the right to anonymity with domain responsibility. IMHO,
anonymity has to be granted by someone who is not anonymous in turn.
Best
Ale
--
[*] https://www.namesilo.com/pricing
_______________________________________________
dmarc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dmarc
