[dmarc-discuss] A bit quiet?
jgomez at seryrich.com
Fri Oct 23 11:10:26 PDT 2015
On Friday, October 23, 2015 4:07 PM, Scott Kitterman via dmarc-discuss wrote:
> On October 23, 2015 1:48:13 AM EDT, Roland Turner via dmarc-discuss
> <dmarc-discuss at dmarc.org> wrote:
> > The question is not who you trust - ARC doesn't directly change
> > that - but how you reliably automate determining whether the
> > message was forwarded only by people that you trust. At present,
> > you have to dig through Received: headers, infer per-forwarder
> > internal structure and behaviour and, frequently, guess. ARC
> > addresses that problem, not the one you're asking about.
> I don't see why the signing domain of the DKIM signature that could
> be added by the most recent sender doesn't already give an identifier
> to use to evaluate trust in the sender.
> I can see that ARC gives a way to communicate information about the
> upstream senders, but I don't see how that's related to DMARC.
> From a DMARC perspective, if you know the sender is trustworthy, you
> do a local override. ARC doesn't seem to be needed for that.
How do you know the sender is trustworthy, if the email he sends
is failing a DMARC check?
Is this ARC thing a mechanism to know when it is safe to ignore
the sender's DMARC policy of "p=reject"? And if it is such, shouldn't
it be part of the DMARC standard?
More information about the dmarc-discuss