[dmarc-discuss] pounding nails with DMARC screwdriver, was Google & IPv6 SPF check

John Levine johnl at taugh.com
Tue Jun 12 17:14:51 PDT 2012


>I realize that to the old school folks, this is like bragging about
>farts in church, but I'm just not against the idea of trying stuff
>like rewriting the message, maybe including the from address to be the
>list's from address, signing and working with that policy instead of
>the original sender's policy. To me, it is akin to how a mailing list
>sending to you has its own sending IP reputation that takes precedence
>over the reputation of the sending IP addresses of the original
>authors.

Al: I have all these changes to make your lists work with DMARC.

List op: We sign our mail.  Why not just whitelist us?

Al: You could change the From: lines so you can't tell who wrote each message.

List op: We sign our mail.  Why not just whitelist us?

Al: You could make all these changes to deter forgery of your domain.

List op: Nobody forges our domain, but since we sign our mail, you can just whitelist us.

Al: If you take out the subject tags and message footers, sometimes the sender's
DKIM signatures might still be valid.

List op: We sign our mail.  Why not just whitelist us?

etc.

R's,
John




More information about the dmarc-discuss mailing list