Benny, I would remind you that the Note Well terms linked at the bottom of each message include "you agree to participate in a ... cordial manner". I would suggest that your conduct has slipped a little below that standard[1], and that it might be helpful and productive to take a different tack.
Your quoted example doesn't make sense to me, it shows a DMARC pass ("Authentication-Results: linode.junc.eu; dmarc=pass header.from=dmarc.org"). What's your concern? Receivers are free to require DNSSEC if they wish of course, however (a) making this mandatory in the standard would not make DMARC materially better at solving the problem that it's designed to solve, and (b) it would eliminate a very large fraction of DMARC's ability to block fraudulent email. Consequently, it would not be a useful change to the specification. The same reasoning applies to requiring that all DKIM signatures pass in order to yield a DMARC pass. Blacklisting a DKIM signer is an option open to receivers, yes, but receiver policy choices are by definition not part of the DMARC specification. Your concerns about email client limitations are widely appreciated, but are out of scope for this list in that we're not in a position to fix them. - Roland 1: - "wake up admins" is clearly not cordial - "i am also unimpressed of that dmarc can pass with no dnssec, badly designed" likewise (other members of the group do not exist to impress you) - "bad designed on thiese maillist" could only be regarded as cordial if it were a step in an argument linking agreed criteria to a better implementation, however the situation in this case is that you happen not to agree with the criteria that the list administrator is pursuing, but apparently want to acknowledge this, meaning that your choice of terms is pejorative and not at cordial From: dmarc-discuss <dmarc-discuss-boun...@dmarc.org> on behalf of Benny Pedersen via dmarc-discuss <dmarc-discuss@dmarc.org> Sent: Wednesday, 5 October 2016 02:27 To: Elizabeth Zwicky Cc: dmarc-discuss@dmarc.org Subject: Re: [dmarc-discuss] dmarc.org breaks dkim & dmarc On 2016-10-04 19:41, Elizabeth Zwicky wrote: > The DMARC on the mailing list passes when it reaches me -- it appears > that something in the path between you and dmarc.org is the problem > with breaking the DKIM signature. correct, did i get a problem on postfix maillist ? > Since it's dmarc.org's DKIM signature, it's put on after all the > mailing list handling, so I'm not sure why anybody thinks mailing list > handling is involved? dmarc.org have choiced to take over ownerships, and now its there problem thats why you see dmarc still pass, but its not the originating domain sender what will happend if opendmarc skips last signer if multiple signed ?, imho opendmarc should really be more dnssec strict, and make all dkim keys pass before it does dmarc pass, my msgs do pass on dmarc.org mailserveres, but since thay fix some unknown problem with mailman it will not give dkim pass on return, and hell broke out with it :( as it is now we all loose on it :/ createing arc as another problem to solve does imho not make dkim more unstable or better, there was nothing to fix really, sadly _______________________________________________ dmarc-discuss mailing list dmarc-discuss@dmarc.org http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html) _______________________________________________ dmarc-discuss mailing list dmarc-discuss@dmarc.org http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)