> -----Original Message----- > From: dmarc [mailto:dmarc-boun...@ietf.org] On Behalf Of Rolf E. > Sonneveld > Sent: Thursday, April 09, 2015 10:17 AM > To: Anne Bennett; dmarc@ietf.org > Subject: Re: [dmarc-ietf] Updated mandatory tag/conditional signature draft > > On 04/09/2015 03:24 PM, Anne Bennett wrote: > > Hector Santos <hsan...@isdg.net> writes: > > > >> A database is still needed of which domains will have an outbound > >> mail stream with two signatures. Some how the list domains will > >> still need to register with the Yahoos and tell the Yahoos, > >> "Please send us two signatures authorizing out list domain." I > >> would like to call this a "registration" problem because thats seems > >> to be the area of disagreement as a real problem. > > I have to agree; if this is the case, to me, it is a show-stopper. > > The genius of the DKIM and SPF and DMARC approaches is that they are > > DNS-based, and thus completely decentralized. The idea that lists > > would have to register with the e-mail providers of all of their > > contributors, or that I as a (very small!) e-mail provider would have > > to figure out what is and isn't a list, doesn't scale. > > This can be solved by having the owners of mailing lists publish a yet-to-be- > defined DNS record in which they proclaim the presence of a mailing list > within that domain. I'm contemplating to write a draft for this, as more than > one of the suggested solutions to the mailing list problem might benefit > from this. >
How does this solve anything? What prevents non-owners of mailing lists proclaiming the presence of a mailing list within "that" domain? What prevents malicious individuals setting up a mailing list and proclaiming it? > Having said that, I don't like the idea of designing all sorts of auxilliary > technologies to solve the problems introduced by DMARC, or better said: if > we'd come up with such helper technologies we should try to address as > many use cases, presented in [1], as possible. If we do not, at the the end of > the day we'll have created a myriad of new technologies, considerably > increased the complexity of the e-mail ecosystem worldwide with a net > result of zero as long as senders still treat p=reject as p=none/quarantine. > You will never avoid "local policy" - that is reality. As an aside, don't you mean " as long as VALIDATORS still treat p=reject as p=none/quarantine." _______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc