On 15/11/2024 20:13, Dave Crocker wrote:
On 11/15/2024 10:55 AM, Alessandro Vesely wrote:
On 13/11/2024 21:14, Dave Crocker wrote:
While 'indirect' has well-established context in many email technical
circles, I believe it does not have clear, consistent, and precise
meaning. So it needs to be defined here, with more than an example.
I see this is an extremely important point, since the movement that
has taken place with email is to consider tight integration of domain
name and sending platform, in substantial contrast with the way email
worked for perhaps 40 years. That is, 'indirect' is tending to be
treated as almost aberrant, or at least as problematic.
I prefer the latter term, "problematic", rather than "aberrant" or,
according to the upcoming SMTP standard, "misguided".
You might prefer more comfortable language but I was characterizing the
very problematic tone that I perceive permeating work in this space, in
recent years, and am trying to highlight how that tone establishes a
counter-productive approach to dealing with these issues.
DMARC is the only current approach toward a deterministically "clean"
email environment, AFAIK. I wonder if those who dispraise it have an
alternative in mind or would just prefer a free for all.
Another example of this aberrant view is the insistence on misusing the
word 'spoofing'.
As the antonym of "legit"?
Sadly, Section 3.4 of rfc5321bis doesn't define forwarding any better.
Its definition of what "can be treated as a continuation of email
transit" is overly strict. In particular, forwarding that is limited
to the set of modifications and actions described there never breaks
typical DKIM signatures.
MTA relaying, vs. mediator -- eg, mailing list -- forwarding.
Reality differs.
I understand both those words, but not this combined use of them.
IMHO forwarding should be considered as a continuation of transit,
albeit it can be enriched with marginal annotations. I agree it is
outside SMTP proper, but neither it is equivalent to composing brand new
messages. The latter is what SMTP states, which is different from the
commonly accepted meaning of "forwarding".
In particular, we should find methods whereby From: doesn't have to be
changed. (Not that it's SMTP the one which forces to change it, but it
agrees to.)
DMARC's alignment requirement is an attempt at capturing the concept
of legitimacy.
It is an attempt at defining and constraining a very specific kind of
limited legitimacy.
Yup, it is successful as it catches a good deal of cases, direct mail.
Best
Ale
--
_______________________________________________
Ietf-dkim mailing list -- [email protected]
To unsubscribe send an email to [email protected]
