Hi,
just answering this one bit, which I believe is at the heart of the
disagreement:
Le 22/06/2020 à 21:44, Brandon Long a écrit :
[...] It's the majority which are
routinely subjected
to phishing and spam messages...
IMHO "phishing and spam messages" is way too broad a concept to permit
useful discussion. DMARC nowadays addresses a whole range of problems of
varying severity to the end user.
When protecting security-sensitive domains like banks, where phishing is
a major threat to the end user, a fail-closed policy is a necessity, and
incompatibility with some uses is acceptable.
However, mailboxes with no special security needs call for a different
tradeoff. From the end user's point of view, spam or addressbook-based
phishing attempts are small annoyances that they somehow deal with
(otherwise, they couldn't be using e-mail today). The goal here is an
incremental win over an acceptable statu quo, not a revolution. No
legitimate communication should thus be made to ressort to tedious
workarounds to send mail (mailing-list users having to send every
message twice, really?) or to find out who said what.
Cheers,
Baptiste
_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc
