On Mon, Apr 17, 2023, at 8:37 AM, Laura Atkins wrote:
> Should the IETF make the interoperability recommendation that SaaS providers
> who send mail on behalf of companies support aligned authentication? That
> means custom SPF domains and custom DKIM signatures.
>
> And if they can’t, then do
We tend to talk about legitimacy in contrast to malice or criminality, but
in my economics classes, legitimacy was less pejorative. Gaining
legitimacy meant gaining the social acceptance to continue operating.
When a business gains enough customers to turn a profit, it has
legitimacy. If it
Hector Santos skrev den 2023-04-18 20:47:
So your verifier see Benny’s as suspicious because of arc=fail?
it does imho not fail on my own arc ?
Benny is telling the world “ietf.org [1] is authorize to resign on
my behalf” via DNS. No headers required. No delayed learning
necessary.
if
On April 18, 2023 10:25:00 PM UTC, Jim Fenton wrote:
>On 9 Apr 2023, at 11:33, Barry Leiba wrote:
>
>> There is an alternative, though: we can acknowledge that because of how
>> those deploying DMARC view their needs over interoperability, DMARC is not
>> appropriate as an IETF standard, and
On April 18, 2023 10:00:45 PM UTC, Jim Fenton wrote:
>On 9 Apr 2023, at 0:50, Murray S. Kucherawy wrote:
>
>> (Note, here, that Barry has in his proposed text limited the constraint to
>> those types of deployments where the damage is likely. I concur. DMARC,
>> as currently defined, works
I'm glad you brought up the binding operative, I had the same thought.
The federal mandate also pushed several state governments to follow
suit, as there wasn't any pressure before (even though federal BO's
don't technically apply to state governments.)
Examples:
Alabama - reject
On 9 Apr 2023, at 11:33, Barry Leiba wrote:
> There is an alternative, though: we can acknowledge that because of how
> those deploying DMARC view their needs over interoperability, DMARC is not
> appropriate as an IETF standard, and we abandon the effort to make it
> Proposed Standard.
>
> I see
On 9 Apr 2023, at 0:50, Murray S. Kucherawy wrote:
> (Note, here, that Barry has in his proposed text limited the constraint to
> those types of deployments where the damage is likely. I concur. DMARC,
> as currently defined, works just fine when deployed in transactional
> situations. Or, at
On Apr 18, 2023, at 1:11 PM, Alessandro Vesely wrote:
>
> Perhaps when DMARC will work smoothly, someone will find out how to tell
> legitimate rewriting from plain spoof.
>
Lookup DMARC record and begin to piggy back off this lookup:
- Check for rewrite=1 tag indicating allowance to
> On Apr 18, 2023, at 12:24 PM, Alessandro Vesely wrote:
>
> What's the point of wearing an atps record if it's not called out in a DKIM
> signature? (I wouldn't have tested it anyway).
Alessandro, you are already doing the DNS call for DMARC. Hitch a ride!! You
can check for atps=y or
On Mon 17/Apr/2023 22:59:29 +0200 Dotzero wrote:
On Mon, Apr 17, 2023 at 12:05 PM John Levine wrote:
It appears that Laura Atkins said:
Is this another issue we should document and make recommendations
about? I was thinking along the line that transactional SaaS providers
should fully
On Tue 18/Apr/2023 00:48:30 +0200 Benny Pedersen wrote:
Hector Santos skrev den 2023-04-17 20:55:
One solution is for the junc.eu domain to add an ATPS authorization
record for ietf.org [1] to the junc.eu [2] zone:
pq6xadozsi47rluiq5yohg2hy3mvjyoo._atps TXT ("v=atps01; d=ietf.org;")
retest
On 4/17/2023 6:48 PM, Benny Pedersen wrote:
Hector Santos skrev den 2023-04-17 20:55:
One solution is for the junc.eu domain to add an ATPS authorization
record for ietf.org [1] to the junc.eu [2] zone:
pq6xadozsi47rluiq5yohg2hy3mvjyoo._atps TXT ("v=atps01; d=ietf.org;")
retest
[3]
13 matches
Mail list logo
