[dmarc-discuss] DMARC thwarted already?

John Levine johnl at taugh.com
Thu Jun 5 17:00:20 PDT 2014


>Doesn’t this come back to the whitelist idea? For the green bar SSL certs (Extended
>Validation), the certs have a bunch of information encoded in it, and the browsers have a
>list of CA’s that they trust. AFAIK, the only way to do that for email is through DKIM but
>you wouldn’t highlight all DKIM-signed email, only DKIM-signed email that you trust which
>is compared against a whitelist.

Yes, definitely.  See RFC 5518 for one approach.

R's,
John


More information about the dmarc-discuss mailing list