[dmarc-discuss] A bit quiet?

Dave Warren davew at hireahit.com
Tue Oct 27 12:12:35 PDT 2015


On 2015-10-27 00:30, Andrew Sullivan via dmarc-discuss wrote:
> On Mon, Oct 26, 2015 at 09:22:46PM -0700, Shal Farley via dmarc-discuss wro>
>> By itself though the identification is not enough - it doesn't tell the receiver that the claim is false; the receiver must independently assess the trustworthiness of each ARC intermediary, by way of a reputation system or otherwise. The hope is that having a strong and automated way to identify the intermediaries will make creation and maintenance of the reputation system simpler, and increase its accuracy.
>>
> Nothin' for nothin', but this seems like an awful lot of mechanism for
> a pretty low-value piece of data, and if I'm reading you right the
> people who have to implement this (at least mailing list operators)
> need to do this so that someone _else's_ use of DMARC works, right?
> It seems that the wrong party needs to do some work in this model.

I look at it a little differently, it's the people (mailing list 
operators) who want to /modify/ my message that need to take steps to 
not break my DMARC in the process. If a mailing list passes a message 
without modification (allowing for additional List- headers, and other 
normal headers), my DMARC signature is still valid.

-- 
Dave Warren
http://www.hireahit.com/
http://ca.linkedin.com/in/davejwarren




More information about the dmarc-discuss mailing list