[dmarc-discuss] A bit quiet?

Roland Turner roland.turner at trustsphere.com
Sun Oct 25 22:45:30 PDT 2015


Al Iverson wrote:

> From my own perspective, I'm unclear on how well this will work. I
> assume the chain process is based on addressing anything thrown at at
> it; mailing list posts going through mail forwarding; ARC on both
> would in theory keep authentication intact and prevent p=reject policy
> rejections. But we're talking the 1% of the 1% (of the 1%?), it feels
> like the use cases might get more and more far out.

I'd suggest that what ARC solves - if it works - is the entirety of the problems for forwarders who are willing to cooperate but nonetheless wish to modify messages sufficiently to break DKIM, which remains the largest class of inadequately solved problems with DMARC. (Note that the current low fraction of p=reject mail is not hugely important; as the DMARC breakage cases disappear, a growing fraction of email can and will be subject to p=reject.)

There remains one unsolved significant case, that of independent origination ("share this link") which, I suspect, will be permanently beyond reach for interoperable protocol standardisation (it depends entirely upon trust by receivers and not at all upon protocol mechanisms).

- Roland


More information about the dmarc-discuss mailing list