On Jul 17, 2014, at 5:24 PM, "Murray S. Kucherawy"
<superuser(_at_)gmail(_dot_)com> wrote:
On Thu, Jul 17, 2014 at 12:57 PM, Martin Rex <mrex(_at_)sap(_dot_)com> wrote:
And DMARC reporting needs to be killed.
Could you elaborate on why? I only ask because some operators think the
reporting is actually the more valuable thing DMARC has to offer, and you
seem to have different information.
Beside it becoming a potential source for abuse, i.e. DoS, in general, once the
proof of concepts are achieved, reporting becomes a wasteful, redundant high
overhead part of the process. This is why it I believe DMARC should be split
into two; reporting and policy handling or reporting made an option for
implementors who might only interested in the policy handling enforcement
aspect and do not wish to be sending out reports -- we already know it works.
--
Hector Santos
http://www.santronics.com