On 2012-02-03 at 11:11 -0800, Marc Perkel wrote: > Just a quick question. SPF breaks email forwarding. Does DMARC get > around this limitation?
DMARC is based on DKIM, which is unrelated to SPF. The problem with DKIM is mailing-lists; any verifier needs to account for those and decide what to do about broken signatures in the event that it looks as though a list has been in the way. The one DMARC verifier I've seen responses from accounts for that. DMARC is an alternative to ADSP. It allows for an organisation domain, which can have a default policy for all sub-domains, with some heuristics to find the organisational domain (much as web-browsers use for cutting off cross-domain cookies, using the same list of delegating domains). DMARC allows for non-enforcing notifications. If you spend the time to read the website and specification you'll learn how to construct the TXT record for DNS, and the name to publish it under, to let you get reports back from mail providers about the mail they see that purports to be from you. I go into some of the unforeseen ramifications at: http://bridge.grumpy-troll.org/2012/02/how-private-is-your-mailing-list.html -- https://twitter.com/syscomet -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
