On Tue 15/Nov/2022 17:32:50 +0100 John R Levine wrote:
> On Tue, 15 Nov 2022, Alessandro Vesely wrote:
>> No. We can see that either you violate standards by blocking à la Gmail, or
>> you're open to attack schemes based on exempting messages from DMARC
>> evaluation. I'd call that broken.
>
> Can you show us some spam you've gotten that uses this trick to try to evade
> filters? (Test messages you sent to yourself don't count, of course.)

I showed you a mailbox provider who's blocking them to avoid such spam. That
implies it exists.

> If you don't have any, let's talk about something else and finish the DMARC
> update. I certainly haven't seen any.

Neither have I. Gmail probably sees more messages than we do.

The fact that we consider the point negligible now doesn't imply it can turn
out to be considerable after we finish. Let me quote Barry from the other list:

    We spent quite a bit of time looking at how we could deal with
    replay, but given what we knew and what our constraints were at
    the time (and the importance we thought replay attacks would have),
    we couldn't come up with something we thought was workable. We
    hoped that the problem would be minimal and that x= would be enough.

Best
Ale
--
_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc