On Sep 15, 2022, at 9:57 PM, Cyril - ImprovMX via mailop
As someone whose addresses is regular forged in spam: NO.
On 9/16/22 7:18 AM, Bill Cole via mailop wrote:
+1
I thought that we were to a point that SPF was mitigating a lot of out-and-out forgeries. At least between purported senders that publish sufficiently strict SFP records and recipients that honor said SPF records.
Don't do reporting without a *trustworthy* explicit request to do so from the owner of the address being reported to. ARF reports to randomly forged putative senders is not going to go well.
I wonder if there's room to leverage ~> extend DSN's NOTIFY to add an ARF option wherein this is a flag to the last responsible mail server to conditionally send an ARF if the message is not accepted / delivered normally. Wherein the condition would look up information on the purported sending address / domain to see if it should send an ARF and the details therefor.
-- Grant. . . . unix || die
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ mailop mailing list [email protected] https://list.mailop.org/listinfo/mailop
