On 7/20/20 7:55 AM, Douglas E. Foster wrote: > I am advocating for MLMs to stop spoofing and make their peace with DMARC.
Maybe the recommendation should be that MLMs (or any ESP, for that matter) should never send as a domain they do not directly own unless it's authorized to send aligned mail as that domain. (I say this as I have a distinguished PhD (not of CS) complaining to me that when he sends spoofed email from his Gmail account the messages go into spam because of DMARC. Why do these ESPs even allow it in the first place, putting the domain owner's decision to adopt DMARC as the boogieman?) The DMARC conditional rewriting logic that the MLM providers implement inhibits larger DMARC adoption because it segregates people into two camps, based solely on their domain owner's stance towards DMARC. If a large enough group of stakeholders fall into the camp of "this domain I'm using to subscribe to lists isn't and should never be subjected to DMARC rewriting", they will push back on the domain owner's attempts to publish DMARC. Maybe this ties back into the DMARCbis discussion about pct=0. We use pct=0 specifically to reduce end-user confusion about MLM rewriting behavior. Could the behavior induced by pct=0 be the default, somehow, rather than p=none? Jesse _______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
