A new meeting session request has just been submitted by Barry Leiba, a Chair
of the DMARC Working Group.
-
Working Group Name: Domain-based Message Authentication, Reporting
Conformance
Area Name: Applications and Real-Time Area
> Content filtering creates a need for whitelisting
> Any domain may require whitelisting, regardless of sender policy.
> Whitelisting is only safe if it is coupled with an authentication mechanism
> which prevents impersonation.
> Therefore, sender authentication, by a combination of local
Glad you are seeing DMARC benefits. I suggest a full set of management
statistics should be based on 100 of messages, and include:
% blocked by reputation
% blocked by DMARC Fail+Reject
% Authenticated by DMARC
% Authenticated by local policy
% Not authenticated
"Not Authenticated" is an
No. Realistically, this is the last document likely to come out of this
group on this subject. So I am no sure to publish it unless it fixes the
coverage problem.
To state the coverage problem another way:
- Content filtering creates a need for whitelisting
- Any domain may require
On Thu 14/Sep/2023 16:39:49 +0200 Murray S. Kucherawy wrote:
On Wed, Sep 13, 2023 at 6:01 PM Douglas Foster wrote:
Our assumed reference model is a fully automated, by-the-spec
implementation of RFC 7489. In particular, this means that:
- when p=none, unauthenticated messages are never