Re: [dmarc-discuss] General DMARC weakness - personal forwarding

On Mon, 2018-05-21 at 09:29 -0600, Pete Holzmann via dmarc-discuss wrote: > QUESTIONS: > 1) Is anyone working to solve these issues? > 2) Has there been consideration of a forwarding token that could validate > all such emails Take a look at the work being done on Authenticated Received Chain

Re: [dmarc-discuss] General DMARC weakness - personal forwarding

1) Yes, via two methods - The first is mailbox aggregation (why setup forwarding when I can just read the mailbox for you?) which is currently supported by a number of email providers. The second is via Authenticated Received Chain (ARC - see http://arc-spec.org/). Also currently supported by a

Re: [dmarc-discuss] General DMARC weakness - personal forwarding

There are many issues with DMARC. I’m trying it out now, but having looked at IETF documents (https://datatracker.ietf.org/wg/dmarc/documents/ ) especially RFC 7960 ("Interoperability Issues between

[dmarc-discuss] General DMARC weakness - personal forwarding

I'm seeing a growing number of bounce-back errors from major players who have DMARC fully implemented. I have some observations, questions and a suggestion. Blessings, Pete OBSERVATIONS There's a pattern here that I suspect is only going to grow: * User R with SomeCo creates an email