On Fri, Jul 7, 2023 at 6:35 PM Douglas Foster < dougfoster.emailstanda...@gmail.com> wrote:
> Consequently, the problem remains: How does an evaluator distinguish > between a legitimate list and a malicious attack? > If we had a reliable answer to that, this would've been over ages ago. Unfortunately, any mechanism we create for lists to distinguish their traffic can be trivially co-opted by bad actors. > My answer: Lists need to use From munging to avoid DMARC FAIL, and hope > that sophisticated evaluators will use ARC data to un-mung before delivery. > Someone else asserted that lists have been dealing with DMARC damage by, among other things, rewriting From fields for some years now. Let me pose a couple of questions to list operators and developers and those friendly to those audiences: 1) Are list operators and developers tolerating this situation, temporarily, because they think this crew is going to come up with a less disruptive permanent solution to which they expect to migrate one day? 2) If not, have they resigned themselves to such things as From rewriting as the way of the future? 3) If so, how big (or small) is the set of DMARC accommodations on which they seem to be converging? -MSK, participating
_______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
