> On Apr 18, 2023, at 12:24 PM, Alessandro Vesely <ves...@tana.it> wrote: > > What's the point of wearing an atps record if it's not called out in a DKIM > signature? (I wouldn't have tested it anyway).
Alessandro, you are already doing the DNS call for DMARC. Hitch a ride!! You can check for atps=y or asl= for 3rd party authorization. > What's the point of ARC-sealing a message which is not arrived from an > external ADMD? I have no idea and I think ARC is a waste of time. Way too much overhead. Not a good idea to pursue this has a long term solution. I rather not. > I'm rather happy with the amount of gibberish I currently get. For this > Benny's message it was: > > Authentication-Results: wmail.tana.it; > spf=pass smtp.mailfrom=ietf.org; > dkim=pass reason="transformed" header.d=junc.eu; > dkim=pass (whitelisted) header.d=ietf.org > header.b=yiVUz1hG (ietf1); > dkim=pass (whitelisted) header.d=ietf.org > header.b=yiVUz1hG (ietf1); > arc=fail (1 set(s)) smtp.remote-ip=50.223.129.194 > So your verifier see Benny’s as suspicious because of arc=fail? Benny is telling the world “ietf.org <http://ietf.org/> is authorize to resign on my behalf” via DNS. No headers required. No delayed learning necessary. What more is needed?
_______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
