Note: not specifically in response to the message I'm replying to!
Having just read the last 30 or so messages in this thread, I'm afraid it's
all starting to feel very very circular.
1. Forwarding is a basic feature of MUAs and mail systems, whether by user
choice, rules, or "forward all" regardless of platform or mechanism. That's
been reality since (arbitrary year) 1997.
2. It can cause both technical and user-side problems due to authentication
chains being broken.
3. SPF, DKIM, DMARC & ARC all exist.
4. None of them - or even all of them together! - aren't the singular
answer to 2.
5. See 1.
I'm pretty sure we could all add a couple of extra dimensions (or even
additional cryptographic DNS signing/non-refutation/non-repudiation
protocols) for extra clarity, but points 1 and 5 are fixed and fairly
indisputable.
Unless there's anything that's really clearly new and helpful to the
discussion, let's just agree:
Forwarding is problematic, and it isn't 1997 any more.
(Also: the corporate/institutional risks of automatic forwarding and data
breaches aren't as well understood by end users as we may wish them to be)
Cheers!
Graeme
[PS up to two miles on foot now before my leg muscles cry STOP!]
_______________________________________________
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop
