[dmarc-discuss] A bit quiet?
sklist at kitterman.com
Mon Oct 26 16:57:22 PDT 2015
On October 26, 2015 9:12:17 AM EDT, Roland Turner via dmarc-discuss <dmarc-discuss at dmarc.org> wrote:
>Scott Kitterman wrote:
snipped down to one bit as we seem to mostly be going around in circles
>> As a domain owner, I can control what sources of mail are able to
>> generate mail that passes SPF or has a valid DKIM signature with d=
>> domain. Anyone, anywhere can generate an ARC stamp with my domain in
>> so it's completely different.
>No, they can't.
>(More accurately, like a DKIM signature, anyone can create one, but it
>won't validate unless they've also gotten their hands on one of your
Who adds the ARC stamp? Perhaps I read it wrong, but I read it as being added by the intermediary and not the originator (previous hop).
If I read it right, anyone can create an ARC stamp claiming to have received authenticate (e.g. DKIM signed) mail from my domain. Am I reading it wrong?
More information about the dmarc-discuss