Re: [dmarc-ietf] SPF follies, WGLC editorial review of draft-ietf-dmarc-dmarcbis-30

2024-03-31 Thread Richard Clayton
>Could this work with simply the removal of the last sentence >covering best practice? the more that was removed the better - -- richard Richard Clayton Those who would give up essential Liberty, to purchase a little temporar

Re: [dmarc-ietf] Fwd: The sad state of SPF: research just presented at NDSS

2024-03-12 Thread Richard Clayton
be superfluous - -- richard Richard Clayton Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety. Benjamin Franklin 11 Nov 1755

Re: [dmarc-ietf] A possible point for SPF advice

2024-03-05 Thread Richard Clayton
r more subtle than that (precisely to allow "?") Google should speak for themselves

Re: [dmarc-ietf] Break SPF response: DKIM Only

2024-02-29 Thread Richard Clayton
to guide people. If not then that should be fixed ASAP. But I'm not surprised that the researchers had not come across it, or if they did they did not understand exactly what it did -- you may recall that I did not either first time around.

Re: [dmarc-ietf] Non-technician's idea for DMARC improvement

2024-01-27 Thread Richard Clayton
ally be used in the receiving >domain's >proprietary email reputation calculations. In general the bad guys are way better at configuring systems to appear legit than the long tail of good guys are. Real world reputation systems try hard to take that into account

Re: [dmarc-ietf] Server Controls

2023-11-14 Thread Richard Clayton
very good resource and could be referenced. I think you may have the wrong mailing list. I don't believe DMARC has any relevance to (or interest in) identifying individual email senders rather than detecting unauthorised use of domains.

Re: [dmarc-ietf] DMARC policy discovery and invalid tag exception.

2023-11-12 Thread Richard Clayton
In message <564e68e5-c121-45f1-afef-3770b7377...@tana.it>, Alessandro Vesely writes >On Sun 12/Nov/2023 09:26:32 +0100 Richard Clayton wrote: >> In message <55dc7b67-e48a-4eb3-9cdc-4e4319cc7...@marmot-tech.com>, Neil >

Re: [dmarc-ietf] DMARC policy discovery and invalid tag exception.

2023-11-12 Thread Richard Clayton

Re: [dmarc-ietf] DMARCbis way forward: Do we need our session at IETF 118

2023-10-29 Thread Richard Clayton
a version bump ... but there was no consensus for that. However, careful reading of reports will tell you whether those evaluators who send reports have updated, and you can take a view from those

Re: [dmarc-ietf] DMARCbis way forward: Do we need our session at IETF 118

2023-10-29 Thread Richard Clayton

Re: [dmarc-ietf] DMARCbis way forward: Do we need our session at IETF 118

2023-10-29 Thread Richard Clayton
In message , Wei Chuang writes >I don't think the SPF '?' qualifier approach works because as Richard >Clayton said earlier of RFC7208 "Sender Policy Framework (SPF) for >Authorizing Use of Domains in Email, Version 1" sec

Re: [dmarc-ietf] DMARCbis way forward: Do we need our session at IETF 118

2023-10-28 Thread Richard Clayton
for reducing the opportunity for replay, viz: it would be a Good Thing for senders to set appropriately short expire times.

Re: [dmarc-ietf] DMARCbis way forward: Do we need our session at IETF 118

2023-10-28 Thread Richard Clayton
dressing the reality that such records are often, necessarily, far too wide to provide real authentication, we must have a way in DMARC of saying "only consider DKIM".

Re: [dmarc-ietf] Dmarcbis way forward

2023-10-25 Thread Richard Clayton
mplex) There are 5 or so in this group... Surely you are not going to ask them to leave.

Re: [dmarc-ietf] Dmarcbis way forward

2023-10-25 Thread Richard Clayton
may arise if they post to Internet mailing lists. I'd even live with a MUST for that second sentence :-)

Re: [dmarc-ietf] DMARCbis way forward: Do we need our session at IETF 118

2023-10-25 Thread Richard Clayton
n resources depending on demand will struggle to "fix it" ... that's why it was so widely drawn in the first place. Senders using shared IPs at ESPs are also not in a position to "fix it" -- they can only hope that the ESP correctly polices what is being sent by each particu

Re: [dmarc-ietf] Some Gmail comments on DMARCbis version 28

2023-09-13 Thread Richard Clayton
0.3 million spoofed messages not delivered to end users. from which you will see that there were a number of irrational attackers, but that the rational ones now found their task harder

Re: [dmarc-ietf] pct flag, Some Gmail comments on DMARCbis version 28

2023-09-10 Thread Richard Clayton
eave alone seconds) -- but people seem to get twitchy (for no really good reasons in my view given the general stability of these records) when I suggest ignoring the DNS server's TTL altogether and using 7.5 days instead.

Re: [dmarc-ietf] Interoperability sections

2023-07-31 Thread Richard Clayton
s

Re: [dmarc-ietf] Interoperability sections

2023-07-29 Thread Richard Clayton
forwarded from third parties where there is a trusted attestation by the third party that the email met the requirements for a DMARC pass when it was received by them.

Re: [dmarc-ietf] Another p=reject text proposal

2023-07-08 Thread Richard Clayton
n practice) to make their lives easier at this point is a snare and a delusion.

Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal

2023-06-14 Thread Richard Clayton
or for unusual sets of spaces (where "invisible" Unicode values have been substituted) better yet of course get hold of the original email before it was signed and sent to you -- but spammers tend not to help you with that !

Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal

2023-06-10 Thread Richard Clayton
ink, counting quickly on my fingers, it's +3 -- and for the vast majority of cases +0)

Re: [dmarc-ietf] PSD flag vs Version bump

2023-06-10 Thread Richard Clayton
scenti so much simpler.