On Friday, October 23, 2015 4:07 PM, Scott Kitterman via dmarc-discuss wrote:
> On October 23, 2015 1:48:13 AM EDT, Roland Turner via dmarc-discuss > <dmarc-discuss@dmarc.org> wrote: > > The question is not who you trust - ARC doesn't directly change > > that - but how you reliably automate determining whether the > > message was forwarded only by people that you trust. At present, > > you have to dig through Received: headers, infer per-forwarder > > internal structure and behaviour and, frequently, guess. ARC > > addresses that problem, not the one you're asking about. > > I don't see why the signing domain of the DKIM signature that could > be added by the most recent sender doesn't already give an identifier > to use to evaluate trust in the sender. > > I can see that ARC gives a way to communicate information about the > upstream senders, but I don't see how that's related to DMARC. > > From a DMARC perspective, if you know the sender is trustworthy, you > do a local override. ARC doesn't seem to be needed for that. How do you know the sender is trustworthy, if the email he sends is failing a DMARC check? Is this ARC thing a mechanism to know when it is safe to ignore the sender's DMARC policy of "p=reject"? And if it is such, shouldn't it be part of the DMARC standard? Regards, J.Gomez _______________________________________________ dmarc-discuss mailing list dmarc-discuss@dmarc.org http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)
