On 7/28/2020 5:07 AM, Laura Atkins wrote:
The indirect mail stream issue is real. But it is not the only barrier
to getting to p=reject. The sooner folks start listening to the people
who are presenting real issues where DMARC alignment can’t be achieved
the sooner they’ll be able to address them. The problem with low DMARC
adoption is that it does not adequately address how companies are
using mail in ways that break the DMARC model. Almost a decade on, and
proponents are still suggesting that email usage should change to
comply with their model of how email works. This has not happened.
Maybe proponents need to think harder about why.
Well said.
It has always been how do we scale a "Lightweight Author::Signer
Authorization Protocol" or LASAP methodology. Examples of LASAP are:
ATPS
TPA
Conditional Signatures
SPF offers 3rd party (associated, authorized) IP addresses and does
not have this problem (administration aside). The DKIM Policy Model
since ADSP lacked the ability to authorize 3rd party domains. DMARC
did not address the problem and reason ADSP was abandoned. Hence the
on-going dilemma.
--
Hector Santos,
https://secure.santronics.com
https://twitter.com/hectorsantos
_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc