[dmarc-discuss] How Can ESP's Adopt DMARC?
Murray S. Kucherawy
msk at cloudmark.com
Wed Feb 1 14:23:57 PST 2012
> -----Original Message-----
> From: dmarc-discuss-bounces at blackops.org [mailto:dmarc-discuss-bounces at blackops.org] On Behalf Of David F. Skoll
> Sent: Wednesday, February 01, 2012 1:14 PM
> To: dmarc-discuss at dmarc.org
> Subject: Re: [dmarc-discuss] How Can ESP's Adopt DMARC?
> > There are MLMs out there that don't add Sender. So we'd solve the
> > problem for Mailman and the ones that do. Now what?
> I'm fine with breaking it for MLMs that don't add Sender, since Sender
> is the official way to indicate that an entity is sending mail on
> behalf of someone else.
You can see in another thread the pushback on the idea that people should be expected to deploy SPF properly. I don't know how we could succeed telling the greater Internet that it needs to retroactively use Sender properly.
> I would also grudgingly accept strict SPF checking as long as the draft
> makes it very clear what the ramifications of this are. It should
> contain wording to the effect that an organization MUST NOT request
> strict SPF checking if there are legitimate reasons for its domain to
> appear in a From: header in a message that fails strict SPF checking.
> IOW, unless you're a bank, the IRS, paypal, etc. you MUST NOT request
> strict SPF checking. :)
That's certainly a reasonable suggestion.
More information about the dmarc-discuss