[dmarc-discuss] A bit quiet?

Roland Turner roland.turner at trustsphere.com
Sun Oct 25 23:52:19 PDT 2015


J. Gomez wrote:

> How do you know the sender is trustworthy, if the email
> he sends is failing a DMARC check?

This question is an operational one that is out of scope for a protocol specification whose purpose is to facilitate interoperation of mechanisms (software). Operators will always make their own decisions about who to trust.

>Is this ARC thing a mechanism to know when it is safe to ignore
> the sender's DMARC policy of "p=reject"? And if it is such, shouldn't
> it be part of the DMARC standard?

ARC is still an experiment, working out whether it should pass through IETF as part of DMARC or as a separate specification is probably a little premature at this moment. I'd suggest that there are arguments both for and against doing so.

- Roland


More information about the dmarc-discuss mailing list