In article <c682449b-6e7a-60b5-73a8-8497aa3a1...@mtcc.com> you write: >any reporting needs to be authenticated. if you're going to use http, >you need to show how you're going to do that.
DMARC systems have been producing and consuming reports for a decade without authentication, without any problems I am aware of other than the occasional failure report loop, so we have practical experience telling us this assertion is not true. R's, John _______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc