Dear all,
In IETF 101, Genki gave a presentation about "virtual DMARC."
https://datatracker.ietf.org/meeting/101/materials/slides-101-dmarc-virtual-dmarc-dmarc-verification-without-record-definitions-00
https://datatracker.ietf.org/doc/draft-akagiri-dmarc-virtual-verification/
Here is an implementation of virtual DMARC,
based on a milter program YENMA.
https://github.com/lepidum/yenma/tree/vDMARC
Your trial use and feedback are appreciated.
Thank you for your comments on virtual DMARC.
We know there are a lot of things to be considered.
Further comments are welcome.
Best regards,
Shoko
On 2018/03/20 18:35, Kurt Andersen (b) wrote:
On Mon, Mar 19, 2018 at 7:14 PM, Steven M Jones <s...@crash.com
<mailto:s...@crash.com>> wrote:
I want to thank Yasutaka san for presenting the Virtual DMARC
proposal. I believe the situation he and his colleagues are
addressing would benefit from more attention.
Aside from changes to the "dmarc=" allowed values in
Authentication-Results: - and I think this echos a point made during
the session - the underlying issue seems to be the use of
DMARC-style alignment checks in the absence of a DMARC policy record.
In some hallway discussion after the session yesterday, we discussed the
assertion (made during the meeting) that all of the necessary
information to evaluate alignment is already present within the headers
on a message. While that is true for the initial receiver, there are
scenarios for intermediated mail where the 5322.From may be modified
(for instance, SRS processing) and as such, the alignment of the
original message may not be able to be deduced by downstream MTAs. It
may be worthwhile to consider earmarking the 5322.From domain into ARC's
AAR header to cover such a scenario. Whether that information should
also be recorded into the A-R header is less clear.
I think it is pretty clear that this is not and can not be "DMARC"
without sender participation, but alignment of identifiers can certainly
be recorded for downstream usage.
--Kurt
_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc
_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc