DMARC helps establish a verified identity. Delivery is based on reputation. The two are very different.
Unwanted mail with DMARC validation will be blocked on the same basis is unwanted mail without it. But a verified identity is helpful for ensuring that wanted mail is not blocked. There is no vulnerability created by DMARC. On Jun 19, 2020 1:17 AM, Jim Fenton <fen...@bluepopcorn.net> wrote:On 6/18/20 7:35 PM, Dave Crocker wrote: > On 6/18/2020 4:01 PM, Jim Fenton wrote: >> It would be remarkable for IETF to achieve rough consensus on a >> specification with a known vulnerability while we "wait for the bad >> actors to catch on." Particularly when that vulnerability relates to an >> aspect of the specification that has caused widespread deployment >> problems. > > vulnerability? Yes. When bad actors (your choice of words) can work around an aspect of the specification that is depended upon to enable differential handling by a receiving filtering engine (again your choice of words), that is a vulnerability. _______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
_______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc