On 10/18/2017 12:35 PM, Mark Sapiro wrote:
DMARC is not the problem. It is perfectly reasonable for say, irs.gov to
publish DMARC p=reject as long as mail From: irs.gov is not an
employees personal post to an email list. Presumably the IRS would have
rules against that.
The problem is when general ESPs that provide addresses in their domain
for anyone to use for any personal purpose publish DMARC p=reject.
I question what the fine line distinction will be for what domains can /
should use DMARC (or the next disrupting technology). Further, I
question why domains that don't qualify, should be excluded from using
said technology.
I suspect that we should also agree to disagree on this.
ARC has the potential to help. When say a yahoo.com user posts to a list
on my server and the list sends the post to a hotmail.com user, ARC
allows me to certify that Yahoo's DKIM signature was valid when I
received the mail, then I broke the sig but resigned the mail with my
domain's sig and sent it on to Hotmail. Now there is a chain by which
Hotmail can verify my sig and the fact that I certify Yahoo's sig. The
crux however is Hotmail has to trust me. Now if I'm GoogleGroups,
Hotmail will probably trust me but if I'm mail.python.org there might be
a mechanism by which I can ask Hotmail and every other ISP to trust me,
but is that going to work in practice. I think that remains to be seen.
It sounds like you have the same concern / unknown that I do. What do I
need to do to get <someone> to trust my ARC signature. - Is ARC
overloading my published DKIM key without clearly stating that it's
using it? Or is there something else that I'm not aware of? Or is it
simply a white list, or trust list, type issue.
If it's the latter, I feel like ARC has a design flaw before it even
gets out of the gate. I hope that's not the case.
--
Grant. . . .
unix || die
------------------------------------------------------
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe:
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org
