Jim Popovitch writes:
> > What changed that you object to?
>
> One of the original __High-Level Goals__ was:
>
> DMARC is intended to reduce the success of attackers sending
> mail pretending to be from a domain they do not control, with
> minimal changes to existing mail handling at both senders and
> receivers. It is particularly intended to protect transactional
> email, as opposed to mail between individuals.
Actually, that word wasn't present in Murray's original -00 draft, and
was added in two places (along with a definition in terms of "business
transactions") in the -01 draft at the same time Ms Zwicky was added
as editor, in July '13. :-P According to Chrome's search function,
all three uses are still present in the current (April '14) draft (in
section 1.2 "Anti-Phishing" and section 2.1 "High-Level Goals" (which
contains exactly the text quoted above).
Based on what I've seen on dmarc@, the word "transactional" has
controversial connotations besides ruling out Yahoo!'s use case. The
problem is that Yahoo!'s problem ("acquaintance-recommended spam") is
a genuine problem, and could be addressed by DMARC "p=reject" if only
Yahoo! users would stop posting to mailing lists. :-) It's not just
business uses.
Although Elizabeth and I aren't on good terms at the moment because of
difference of opinion about Yahoo!'s behavior, I haven't seen anything
from her that would indicate that she thinks "p=reject" is a *good*
idea ... except that at the moment it's their *only* idea. :-(
Steve
_______________________________________________
Mailman-Developers mailing list
[email protected]
https://mail.python.org/mailman/listinfo/mailman-developers
Mailman FAQ: http://wiki.list.org/x/AgA3
Searchable Archives:
http://www.mail-archive.com/mailman-developers%40python.org/
Unsubscribe:
https://mail.python.org/mailman/options/mailman-developers/archive%40jab.org
Security Policy: http://wiki.list.org/x/QIA9
