1) A mailing list creates an auth-res on the incoming mail to the list
2) It modified the message
3) It resigns the message with DKIM
4) It is then delivered to the subscriber's mail server
5) The destination mail server can look at the incoming message including the
mailing list's auth-res and decide whether to trust it or not just like ARC.
It seems to me this covers the vast majority of cases. What are the other
cases where this is not sufficient and how significant are they in reality?
Two or more levels of forward are quite common, particularly in large mail
systems. Look at mail coming out of Google and Microsoft's hosted mail
and you'll see a lot of ARC headers.
Considering that the ARC RFC was published over a year ago, and it is
implemented all over the place, could you explain what the point of this
discussion is? The people who designed ARC are not idiots. If we could
have fixed the mailing list problem with existing DKIM signatures, we
would have.
Regards,
John Levine, jo...@taugh.com, Taughannock Networks, Trumansburg NY
Please consider the environment before reading this e-mail. https://jl.ly
_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc