On 12/29/20 12:10 PM, John Levine wrote:
In article <5d0793ae-de65-cd1d-32ef-c909202a0...@mtcc.com> you write:
On 12/29/20 10:59 AM, John Levine wrote:
Don't forget
o Normal forwarding of SPF validated mail
o Authorized third party senders with no access to DKIM keys
If by "authorized" you mean authorized by the originating domain, I don'
t have a lot of sympathy since they can delegate them a selector and
update their DNS. Not doing so is just lazy.
A lot of tiny non-profits like Girl Scout troops use email addresses
at webmail providers and send their announcements through ESPs like
Constant Contact and Mailchimp. This is yet another situation where
DMARC can't describe an entirely normal mail setup.
Constant Contact apparently got Yahoo to give them a signing key,
at least temporarily, but that doesn't scale.
What gmail does for gsuite is generates (or not, who knows) a key and
gives you the selector to add to your dns. I don't see why that doesn't
scale for all situations.
Mike
_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc