It appears that Andrew C Aitchison via mailop <and...@aitchison.me.uk> said: >On Fri, 6 May 2022, Grant Taylor via mailop wrote: >> On 5/6/22 9:14 AM, Luis E. Mu�oz via mailop wrote: >>> I think the response to those issues are in part the cause for the loop you >>> cleverly explained before. >> >> Indeed. >> >> These are the very issues that caused me to be disinclined to stand my ARC >> milter back up when it fell over after an update. >> >> ARC seems to be dependent on trusting the signer. That trust is inherently >> difficult to establish. > >Can anyone (Brandon?) tell us how Google scores the forwarder for a >forwarded ARC-signed message compared to the same message without ARC ? > >I would hope that the forwarder would get some credit for making >the details of the previous hop sufficiently reliable to score.
There's a reason that spam filters don't give credit for the mere presence of a DKIM signature -- bad guys can sign their mail, too. ARC is in a sense worse since a bad guy can add ARC headers with 100% valid signatures and 100% bogus information. Google has a pretty good idea of who is a forwarder, viz. the comments in their DMARC reports. I assume that at some point they'll use ARC info in mail from senders with good reputations to make DMARC exceptions. Until then, I tell people who ask me to forward mail to Gmail that if they actually want to get the mail, I'll put it in a local mailbox and they can tell Gmail to poll it with POP. That works quite well. R's, John
_______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
