On Thu, Apr 17, 2014 at 12:49 PM, John Levine <jo...@taugh.com> wrote: >> > 3. alignment domain-list value to include in alignment check: >> >> >> It doesn't scale as a complete solution for mailing lists. I don't see >> any scaling problem for the case of a domain used by a single entity >> that wants to authorize a few service providers to send email on its >> behalf. > > > Is that really a problem? I was under the impression that a sender > either adds the providers' IPs to their SPF record, or gives them a DKIM > signing key. > > This seems quite different from the mailing list problem, where it's > unlikely that it is practical to track exactly which lists its users > subscribe to.
It's a problem if the service provider wants to offer bounce processing by using their own domain for the return path, which I think is not uncommon. That puts SPF out of alignment. Sharing a DKIM key is a solution, but is not trivial. The alignment domain-list solution seems trivial to me, and it works without active support from the sender, which is nice. Regards, Joe Humphreys _______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc