>Solutions such as encapsulation of the original message or noting how to >recreate the message in a >manner that would pass DKIM, or addressing as the site actually sending the >message all meet a "least >work" standard that various whitelist proposals all seem to fail as far as >I've seen.
The encapsulation plan appears to assume that every MUA in the world will be rewritten to recognize and unwrap anti-DMARC encapsulated mail. That seems kind of optimistic. With a shared whitelist, MTAs that interpret DMARC policies check the whitelist to know when to skip the policy checks. The MUAs, mailing lists, mail-an-article etc. don't change at all. The usual handles for whitelists are DKIM signatures or IPs, neither of which need to be tied to "forwarding domains". I agree that a whitelist published per sender is a poor idea, combining the worst scaling aspects of just about every other suggestion. R's, John _______________________________________________ dmarc-discuss mailing list dmarc-discuss@dmarc.org http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)