[dmarc-discuss] A bit quiet?

J. Gomez jgomez at seryrich.com
Fri Oct 23 11:10:26 PDT 2015


On Friday, October 23, 2015 4:07 PM, Scott Kitterman via dmarc-discuss wrote:

> On October 23, 2015 1:48:13 AM EDT, Roland Turner via dmarc-discuss
> <dmarc-discuss at dmarc.org> wrote: 
> > The question is not who you trust - ARC doesn't directly change
> > that - but how you reliably automate determining whether the
> > message was forwarded only by people that you trust. At present,
> > you have to dig through Received: headers, infer per-forwarder
> > internal structure and behaviour and, frequently, guess. ARC
> > addresses that problem, not the one you're asking about.
> 
> I don't see why the signing domain of the DKIM signature that could
> be added by the most recent sender doesn't already give an identifier
> to use to evaluate trust in the sender.  
> 
> I can see that ARC gives a way to communicate information about the
> upstream senders, but I don't see how that's related to DMARC. 
> 
> From a DMARC perspective, if you know the sender is trustworthy, you
> do a local override.  ARC doesn't seem to be needed for that.

How do you know the sender is trustworthy, if the email he sends 
is failing a DMARC check?

Is this ARC thing a mechanism to know when it is safe to ignore 
the sender's DMARC policy of "p=reject"? And if it is such, shouldn't 
it be part of the DMARC standard?

Regards,
J.Gomez




More information about the dmarc-discuss mailing list