In article <767e2dcc-e87c-1e90-2f86-486e51a3c...@wisc.edu>, Jesse Thompson <jesse.thomp...@wisc.edu> wrote: >I realize that John's message in the other thread probably wasn't referencing >auto-forwarding, but I think his point >dovetails to the auto-forwarding issue: > >> As always, as I hope we all remember DMARC alignment doesn't mean not spam, >> and you still do all of the stuff you do to sort your mail. ...
As you say, it's the same problem, it's what people see as the same message but with changes that fail with current authentication schemes. >a) It assumes that the domain owner has the ability and desire to authorize >every potential forwarder, even though >auto-forwarding is a user-level decision. It's not the domain owner, it's more likely the MTA deciding what signatures to apply. >c) Selectively allowing forwarding at the user level is difficult because >users are gonna do what they wanna do (you >try telling faculty they can't forward). It's not the case that all >enterprises want to prohibit all of their users >from auto-forwarding (even though that's the answer you may get if you survey >the CISO community) Yeah. The likely damage from allowing wisc.edu to forward seems pretty low, the damage from outlook.com or gmail.com considerably more. R's, John -- Regards, John Levine, jo...@taugh.com, Primary Perpetrator of "The Internet for Dummies", Please consider the environment before reading this e-mail. https://jl.ly _______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
