On Mon, Jul 31, 2023 at 9:47 AM Hector Santos <hsantos= 40isdg....@dmarc.ietf.org> wrote:
> - I mentioned using the deprecated SUBMITTER/PRA (RFC4405/RFC4407) > protocols as an implementation detail to access the author's DMARC > policy at the SMTP "MAIL FROM" stage. Wei expressed interest in this > idea. This could also enhance the "auth=" idea to help manage local > policy SPF -ALL handling. Should SMTP immediately reject? The PRA at > SMTP could aid this decision for SPF -ALL policies. Based on many > years of implementation, it's evident that many mailers are either > identical or are using the same software that supports SUBMITTER/PRA, > possibly due to ongoing support for the deprecated SenderID (RFC4406) > protocol. [...] Can you or Wei spell this out a little more? What could a list subscriber do with this algorithm that we don't have today? The issue we're facing in a DMARC world isn't determining who the original sender is, but rather that with broken signatures, we can't prove it to DMARC's satisfaction. I'm not clear on how your idea fixes that. -MSK, participating
_______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
