On 4/25/2015 6:24 AM, Rolf E. Sonneveld wrote:
I'd like to note that it is the presence/existance of actor
"Mediator" which induces the DMARC compatibility problems with
indirect flows.
I.e., if you supress the Mediator, all is fine and dandy. That fact
should at leat put some pressure on Mediator regarding the searching
for a solution, and should induce Mediator to acknowledge that he
will have to assume certain costs for such a solution.
I see Originator already assuming costs: deploying SPF in DNS and
keeping it current, deploying DKIM records and DKIM-signing outgoing
email, deploying DMARC records and being vigilant regarding
Header-From alignment in his outgoing email, etc.
And I see Receiver already assuming costs: setting up systems to
check SPF, DKIM and DMARC for incoming email, dealing with the
support costs of false positives and phised users, sending out DMARC
reports, etc.
What costs are Mediators currently taking to improve
validation/authentication of the email system as a whole?
and what benefits do they get in return?
Smooth operation?
Mediators don't really need to change, but their entry points need to
support DKIM+POLICY. For example, the Mediator receiver can simply
support honoring restrictive policies and it doesn't need to bother
with much else.
--
HLS
_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc
