[dmarc-discuss] Is DMARC the right place for SMTP-TLS policy and reporting?

Chris Lamont Mankowski makerofthings77 at gmail.com
Wed Jun 20 12:07:55 PDT 2012


Agreed, for the scenarios we outlined TLS is comparable to SPF for
Authentication.  SPF is easier, and it is more broadly adopted for the
purposes of message authentication.
True, shared IP situations will use a VPN to connect to the central MTA.

*Aside: Isn't a VPN using TLS under the covers?  It seems like the industry
put some Duct Tape on the RFC's to accommodate the gap TLS auth covers.
 It's a heavyweight solution that is widely deployed in those situations
and is a pain to set up and maintain.   Any more thoughts I have on this is
probably is out of scope for DMARC so I'll stop here.*


Ignoring the authentication part of TLS, does anyone see value in reporting
on encryption policy a.k.a. Enforced TLS?  If so, where would
you suggest such a feature live? (DMARC, something else...)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://medusa.blackops.org/pipermail/dmarc-discuss/attachments/20120620/54f3d7eb/attachment.htm>


More information about the dmarc-discuss mailing list