On 7/26/20 6:42 AM, Dave Crocker wrote: > On 7/21/2020 12:32 PM, Dotzero wrote: >> >> The original DMARC effort was, in fact, to detect actual cases of >> spoofing, namely unauthorized use of a domain name by outside actors. >> >> Different problem. >> >> >> Actually, part of the effort was to enable Sending domains to >> identify their own mail that was being sent without aligned DKIM >> signing or from places not authorized through SPF - in other words, >> not properly authorized but legitimate, hence feedback loops. > > > As I recall, this was /not/ part of the original purpose of DMARC, > which was discussed strictly in terms of mail from bulk senders. > > What you describe was, rather, the basis for the later use, which is > what then started causing problems for mail going through Mediators. >
Just identifying their own mail their own email that was sent...: Yes, that's always been part of the original purpose of DMARC, and is the purpose of the reporting mechanisms. Yes, the reports will contain information on many mediators, but that's just noise in the reports. It also contains information when, for example, the product XYZ marketing department decided to use a new mail sending partner without telling anyone. That's useful. It's the policy mechanism (or more specifically its use by other than transactional domains) that's causing the problem here. -Jim
_______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc