On Mon 21/Dec/2020 19:25:48 +0100 John R Levine wrote:
That seems like a great way to destroy mailing lists by not telling them
which recipients are bouncing.
Um, the mailing list *is* the forwarding address.
Oh, well, no, in that case the target address is not meant to be kept secret.
You don't know that. Keeping in mind that the reports go the the From:
address, some lists let subscribers see who else is subscribed, but many do not.
Sorry for my lack of details. I was considering the cases where a bounce or a
failure report reveal that u...@example.com forwards to user@secret.example.
That is, a user may want to receive mail destined to her (old) address, but
does not want (old) contacts to become aware of her new one. The address she
uses to subscribe to a mailing list is obviously revealed to the MLM. It is
not secret in that sense.
In any event, I think we agree that failure reports are not worth a lot of
effort here.
I'd look for ways to trim them down a bit. Just enough to let them be
privacy-wise credible.
As I would have thought was evident by now, there is no such thing. We have no
idea what parts of the message might disclose PII, and we have no idea what
relationship (if any) the target of the ruf= might have to the author of the
message. We can just note that ruf can leak personal info and leave it at that.
What is evident is that, as conceived, failure reports break privacy enough to
make an admin's skin crawl. I think we should convey the fact that failure
reports are (to be) sent in limited circumstances and with due circumspection.
We must underline that in order to differentiate failure from aggregate
reports, lest people conclude that feedback reporting is a bad idea in general.
Best
Ale
--
_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc
