On Tue 23/Jun/2020 20:49:11 +0200 Dave Crocker wrote: > So if Sender: wouldn't be as useful as From:, why not?
I'm a bit skeptic. The assertion that "DMARC protects the domain name in the address part of the From:" would have to be dropped. The requirement that From: domain be "the identifier used for all message validation operations, as it is the single identifier in the message likely to be visible to the user" was among the founding intuitions of DMARC. We used to blame MUAs which don't display such datum... Don't we risk to loose design consistency with that move? Sender: has a display name and an address, just like From:. Don't we risk to double phishing opportunities? If Sender: and From: domains disagree, are both going to get reports? Would that become v=DMARC2, or shall believers of strict From: have no chance? Modifying the protocol for such a minor issue as mailing lists sounds a bit of an overkill. Best Ale -- _______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
