[dmarc-discuss] How does *this* mailing list interact with dmarc?

Chris Lamont Mankowski makerofthings77 at gmail.com
Fri Jun 22 17:56:00 PDT 2012


If DMARC produces a report for domain owners to
reign-in their senders behavior & configuration, is it technically possible
to send a report to the mailing list's domain owner so that they will
become aware of the issue and upgrade?

Is it conceivable for a DMARC DNS record to suppress feedback from known
whitelisted forwarders and mailing lists?

As it stands today, will the whitelist be independently maintained, or will
it be centralized at dmarc.org? (or similar)

If DMARC is to be seen as a central point of policy for SPF and DKIM, why
are we restricted to only one DMARC record?


* reason: I can make the assertion now that all email is DKIM signed, but I
also want to phase in a quarantine and reject policy for remailers and
.forwards that (1) sends from a non SPF address (2) modify the header and
breaks DKIM along with SPF.  *


John, do you mind elaborating on this scenario just a little, I want to
make sure I understand the failure here:

DMARC's p=reject is unusually dangerous since the rejections can
easily screw up mail unrelated to the publishing domain due to
bouncing recipients off mailing lists.  (Not hypothetical, by the way,
already happened with an over-eager implementation of ADSP.)



On Wed, Jun 20, 2012 at 11:24 PM, John Levine <johnl at taugh.com> wrote:

> >Anyhow this "alias" forwarding break DKIM is common on many other
> platforms/configs and DMARC points where.
> >
> >How can we help?
>
> Encourage those systems to sign their outgoing mail so recipients can
> develop a reputation for them.
>
> DMARC is not a FUSSP.  It is useful for a small but significant part
> of the mail ecosystem for domains where all the mail comes from a
> known, controlled set of hosts, and a lot of phishing is targeted at
> them.  None of the other anti-spam and reputation techniques are going
> away, and DMARC isn't a substitute for them.
>
> R's,
> John
> _______________________________________________
> dmarc-discuss mailing list
> dmarc-discuss at dmarc.org
> http://www.dmarc.org/mailman/listinfo/dmarc-discuss
>
> NOTE: Participating in this list means you agree to the DMARC Note Well
> terms (http://www.dmarc.org/note_well.html)
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://medusa.blackops.org/pipermail/dmarc-discuss/attachments/20120622/44e7988d/attachment.htm>


More information about the dmarc-discuss mailing list