Is it not a violation of GDPR to require DMARC participants to collect and transmit data that is not essential to DMARC?
The decision of how to handle indirect flows is outside the ability of a domain owner to control. Knowing that a message was accepted by local policy says that the source is probably not malicious and therefore does not need takedown. Server identity and Mail From address provide the necessary information for takedowns that are needed. On Sun, Oct 23, 2022, 6:29 AM Alessandro Vesely <ves...@tana.it> wrote: > On Sat 22/Oct/2022 18:25:55 +0200 Dotzero wrote: > > Unaligned signatures are orthogonal/irrelevant to DMARC. They may be > useful in > > other contexts. In the DKIM standard, signatures mean that the signer is > > asserting some (unspecified) responsibility for the signed message. That > may be > > useful for some reputation systems. > > > Somewhat skewed w.r.t. orthogonality, actually. Indirect flows are > explicitly > mentioned in the I-D as a reason to override DMARC dispositions: > > There MAY be an element for reason, meant to include any notes the > reporter might want to include as to why the disposition policy does > not match the policy_published, such as a Local Policy override > (possible values listed in Appendix A). > > ARC too is a kind of unaligned signature, albeit with a bunch of > additions. > The extra information it carries, designed to bestow enough trust in the > chain > of custody to outweigh the self-referential reliance of aligned From:, > doesn't > substantially change the semantic of DKIM signatures. And we should say > how to > report it, sooner or later. > > I'm not proposing to mandate the evaluation of any evaluable item. > However, > I'd neither discourage it. Perhaps technology will provide us with > ecological > sources of energy. > > > Best > Ale > -- > > > > > _______________________________________________ > dmarc mailing list > dmarc@ietf.org > https://www.ietf.org/mailman/listinfo/dmarc >
_______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
