-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 In message <[email protected] 5.prod.outlook.com>, Ted Wham <[email protected]> writes
>any other source of email that fails authentication is definitionally >unauthorized. So why not alert the senders of these bad messages that they >might >have an open relay that has been hijacked for spam purposes by sending a >message >to the Abuse alias at the originating domain for failed messages? because most bad email that fails DMARC is sent from machines where the user is a bad person who intended their bad action rather than from an "open relay". Sending email to the bad person (or to the complicit company that sold them the resources) is an exercise in futility Open relays are rare these days (I'd not call the inability of Microsoft to check that their users are entitled to use From address strings an open relay). >In >fact, since not every sending domain has implemented an Abuse alias that's news to me ... did you mean that you imagine that the benefical user of the IP address has implemented a working abuse alias ?? (which is again not really the case, leave alone that action is taken) >, those >exception messages that bounce could actually be used in the receiving >domain's >proprietary email reputation calculations. In general the bad guys are way better at configuring systems to appear legit than the long tail of good guys are. Real world reputation systems try hard to take that into account - -- richard Richard Clayton Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety. Benjamin Franklin 11 Nov 1755 -----BEGIN PGP SIGNATURE----- Version: PGPsdk version 1.7.1 iQA/AwUBZbWijN2nQQHFxEViEQIZWQCgm0G34L/DzgQIUnt1HcXFzX+cwlwAoJsX hcOLbG6pBSIsfROS1v6qcPDl =YnRm -----END PGP SIGNATURE----- _______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
