On Tuesday, March 31, 2015 6:45 PM [GMT+1=CET], Scott Kitterman wrote: > I've yet to see a proposal to include it which is both executable and > doesn't defeat the purpose of DMARC. I agree it's a problem, but one > that so far doesn't have an appropriate technical solution.
What we don't have is a "socially appropriate" technical solution. But a "technically appropriate" technical solution yes there is: "Every resender[*] who invalidates the original Author's DKIM signature must take ownership of the Header-From and re-sign the message". Simple. Easy. But socially unacceptable (for now, at least) because of the expectations of several legacy mail usages. [*] Given that said resenders are mostly non-human, but computer systems, they can be trivially programmed to behave in such a DMARC compatible way. Regards, J.Gomez _______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc