----- Original Message ----- > From: "John Levine" <jo...@taugh.com> > To: dmarc-discuss@dmarc.org > Cc: e...@in3x.io > Sent: Thursday, August 20, 2015 1:57:19 PM > Subject: Re: [dmarc-discuss] Still having problems with third-party sending
> DKIM and DMARC and for that matter SPF are not designed to > distinguish among authorized senders for the same domain. If you want to > manage > multiple mail streams independently, use subdomains. > > >- From addresses should look like: x...@intelli-shop.com . > > Use something like x...@email.intelli-shop.com. They can delegate > email.intelli-shop.com to you, then you can set up all of the DKIM > and SPF and DMARC stuff for that subdomain any way you want. If you look > at the mail coming from large brands, you'll see that's pretty > common. I've been looking at examples. I'm not sure how to solve the problem of recipient perception of the subdomain. we have been so effective at convincing people that email addresses that look different from what you are expecting are a phishing attack and they should simply delete it that they do not respond to our subdomain emails but still fall for real pishing. yes, the irony is not lost on me. also, the DMARC third party methods seem to be aimed at solving the one way communications problem (newsletters, bills, notices) and not where the bulk mail is the start of a two way conversation. another issue with subdomains is the return address. maybe a customer can alias one domain on top of another but that also triggers suspicion on the part of the recipient. not sure how to handle that one. > DKIM selectors are for key management, not to create multiple mail > streams visible to outsiders. You're not the first to have that > misunderstanding but I don't know how to make it any clearer in the > documentation. Maybe the "misunderstanding" speaks to a common conceptual model for outsiders? what are the implications of generalizing selectors to identifying different streams? _______________________________________________ dmarc-discuss mailing list dmarc-discuss@dmarc.org http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)
