[dmarc-discuss] How does *this* mailing list interact with dmarc?

J. Trent Adams jtrentadams at gmail.com
Fri Jun 22 13:11:56 PDT 2012


Brian -

Do you have any suggestions how this can be accomplished?

As you can see, this isn't new ground, but if we've missed a viable
solution we're all ears.  The general discussions have already
illuminated theses issues, but feel free to propose solutions that you
see working for broad deployment.

Thanks!

- Trent


On 6/22/12 1:07 PM, Brian Corrigan wrote:
> I get it, but really, this is an implementation issue for basically
> every "average joe" user.  For instance, every single company that
> uses google apps and has a single user that subscribes to a mailman
> mailing list wouldn't be able to put their domain into reject mode.
>
> I get the issues, but tech aside, its frustrating that we can't work
> around this somehow.  Its going to prohibit widespread deployment of
> DMARC.
>
> Just speaking personally, phishing is a really expensive problem for
> us.  (I understand this is exponentially more expensive for most of
> you).  I guess we can split up our mail domains, but most companies
> won't do this.
>
> I'm a huge fan of the spec, I would love to see be a part of everyones
> mail deployment.  It would be great if we could fix this.
> Particularly if the spec has enough room to be extended to cover the
> issue.  Why not at least make it *possible* to address this?
>
>
> On Fri, Jun 22, 2012 at 2:50 PM, Franck Martin <fmartin at linkedin.com> wrote:
>> A lot of people have split their domain. We have not.
>>
>> But also I noticed in large organizations, people tend to use a persona/genericl domain to subscribe to mailing lists than to use their company domain, like you do Al.
>>
>> So there is really no issue... :P
>> ________________________________________
>> From: dmarc-discuss-bounces at blackops.org [dmarc-discuss-bounces at blackops.org] on behalf of Brian Corrigan [bcorrigan at majorleaguegaming.com]
>> Sent: Friday, June 22, 2012 11:40 AM
>> To: Al Iverson
>> Cc: <dmarc-discuss at dmarc.org>
>> Subject: Re: [dmarc-discuss] How does *this* mailing list interact with dmarc?
>>
>> So it follow then that for practical reasons, companies that share a
>> domain between users and transactional messages (which has got to be
>> most companies) will never be able to move into quarantine or reject
>> mode?
>>
>> I've been doing a lot of work on report parsing, and while we're
>> identifying about 6 phishing scams an hour (legitimate ones, I can
>> only imagine what its like for a big provider) we still don't really
>> have a recourse for handling them because we share a single domain for
>> all our email (and I'm sure many people are a member of a few mailing
>> lists, etc.).  Am I correct?
>> _______________________________________________
> _______________________________________________
> dmarc-discuss mailing list
> dmarc-discuss at dmarc.org
> http://www.dmarc.org/mailman/listinfo/dmarc-discuss
>
> NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)

-- 
J. Trent Adams

Profile: http://www.mediaslate.org/jtrentadams/
LinkedIN: http://www.linkedin.com/in/jtrentadams
Twitter: http://twitter.com/jtrentadams





More information about the dmarc-discuss mailing list