On 2020-08-08 4:27 a.m., John Levine wrote:
Some years back people kept asking Spamhaus to set up a whitelist, so
they hired me to do it. Technically it worked fine, but it soon became
apparent that the only people who were interested weren't people who
we'd want to whitelist. The good quality senders get their mail
delivered already, the terrible ones didn't bother, and all we heard
from were people who sometimes sent some spam along with the good mail
but assured us they were nice people.
I'm not clear why that failed. Personally, I was puzzled by the .com
suffix, which somehow sounded like pay for being whitelisted.
I think you'll find that all of the existing whitelist like things
are a sideshow to the company's real business of deliverability
consulting.
Of course whitelisting can easily become ESPs combat zone.
For DMARC, it would be nice if there were a shared list of credible
forwarders, not to automatically accept their mail, but just to say
they're good enough that you can believe what's in their ARC seals
when you're doing the usual spam filtering.
Trusted-forwarder.org still exists...[*]
Automatically accept is not the same as override DMARC policy. The
latter can cure some of MLM and non-MLM problems.
I proposed snd=rhswl.zone.example. The difference w.r.t.
trusted-forwarder.org is that some sites can start building their own
right hand side whitelists (RHSWL). Specifying the zone in the
protocol makes it visible, so lazy admins can help themselves to
quickly build their not-so-strict DMARC policy by using someone else's
RHSWL.
Combining lists could also become possible, once there is a decent
amount of them. There is already An Architecture for Reputation
Reporting, RFC 7070/3, which could support exchanging entries among
similarly scoped RHSWLs.
You can't just let people sign themselves up for a list like that,
since every dodgy bulk mailer will figure this will get them an
extra 2% delivery, and we've never gotten past a vague hope that we
could canvass people we know to make a combined set of mailing
lists hosts we know.
Seeking how to make that hope less vague should be a highly commended
task.
Best
Ale
--
[*] http://multirbl.valli.org/detail/wl.trusted-forwarder.org.html
_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc
