On Thu, Aug 17, 2023, at 5:30 AM, Alessandro Vesely wrote:
> When domain authentication arrived, they considered that /all/ messages from
> their domain must be authenticated.
Some receivers only send FBLs if the messages are DKIM=pass. So, the
responsible thing to do is for a MBP/ESP to sign everything to maximize
visibility on abuse.
> DMARC reporting is specifically aimed at such goal.
MBP/ESPs which allow customers to bring their own domain do not have visibility
into DMARC reports; especially from bad actors who don't want their provider to
see what they are doing.
Jesse
_______________________________________________
Ietf-dkim mailing list
Ietf-dkim@ietf.org
https://www.ietf.org/mailman/listinfo/ietf-dkim