On Tue 28/Jul/2020 19:19:50 +0200 Doug Foster wrote:
> Hector, I do not understand this comment:
>
>> "The DKIM Policy Model since ADSP lacked the ability to authorize 3rd party
>> domains. DMARC did not address the problem and reason ADSP was abandoned.
>> Hence the on-going dilemma."
>
> Domains that participate with a mailing list have the option of including the
> ML servers in their SPF record, or delegating them a DKIM scope and key.
> But to obtain that authorization from the sending domain, someone would have
> to ask for it, and might not receive the desired answer.
It is difficult, even for smallish domains, to get a complete list of MLMs
which legitimately distribute messages From: their users.
> The goal of this discussion is to find a way to coerce trust. We do not
> lack ways to grant trust on request.
Right, a possible approach is to outsource trust. If you lookup my SPF
record[*] you can see an example.
Best
Ale
--
[*] "v=spf1 +ip4:62.94.243.226 ?exists:%{ir}.list.dnswl.org -all"
_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc
