or don't use p=quarantine and p=reject Keep it simple
On Fri, Sep 18, 2020 at 5:47 AM Alessandro Vesely <ves...@tana.it> wrote: > On Thu 17/Sep/2020 21:11:42 +0200 Sabahattin Gucukoglu wrote: > > > > Wouldn’t it be nice if you could ask for MLMs to transform, just using a > DMARC policy, even p=none, so that you could test with a live environment > containing MLMs that work around DMARC policy? Or you could ask for *no* > transform, even for p=quarantine or p=reject, so that your DMARC policy can > be used to legitimately restrict usage to directly-sent email? > > > It may be practical to place the asking in the message header, rather than > in the DMARC record. That way, senders can specify their wish on a > per-message basis, presumably based on message recipients. Note that a > request to transform can include information about how to reliably undo the > transformation, thereby verifying the original DKIM signature as described > in dkim-transform[*]. Possible strategies that senders might use could be > similar to those for putting weak signatures[†]. > > > Best > Ale > -- > [*] https://tools.ietf.org/html/draft-kucherawy-dkim-transform > [†] > https://tools.ietf.org/html/draft-levine-dkim-conditional-04#section-4.1 > > > > > > > > > > > > > > > > > > > > > > > > > _______________________________________________ > dmarc mailing list > dmarc@ietf.org > https://www.ietf.org/mailman/listinfo/dmarc > -- Joseph Brennan Lead, Email and Systems Applications Columbia University Information Technology
_______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc