Re: [ietf-822] WSJ/gmail/ML, was a permission to...

John Levine <johnl(_at_)taugh(_dot_)com> wrote:
    >> If we had: p=reject-even-if-list-id

    > Won't work.  See previous message.

I think you are reading it wrong.
It's basically the same as p=reject is now.
The other one, would mean: there are some things that could change
by an intermediary.

    >> that would satisfy the paypal case. (But, wait, btw, paypal employees
    >> are @paypal.com.  They need corp.paypal.com or some such).

    > They're on top of this problem, and use paypal-inc.com.

right!

    >> To me, it seems that really we need an in-SMTP protocol by which
    >> senders are told that they are sending to a re-distributor, and their
    >> current policy won't do, but that they can do X.  That has to go back
    >> to the user.

    > Remember that there are other things that DMARC broke, that do not
    > involve forwarding.  That's what "WSJ/gmail" in the subject line are
    > about.

Yes, I understand.  I'm not sure that web sites sending on my behalf
is ultimately distinguishable from spam without some cryptographic route
through the browser/webserver into my MUA.

I can imagine such a channel, but I don't think we want to talk about that.
I think that we should list the various problems that we have discovered and
it may be that some we can fix, and some we can not.

Ultimately, in the space of end-to-end SMTP, lists are a form of
intermediary.  DMARC is a form of BCP38...


--
Michael Richardson <mcr+IETF(_at_)sandelman(_dot_)ca>, Sandelman Software Works
 -= IPv6 IoT consulting =-

pgpWbcFUB1yv2.pgp
Description: PGP signature

_______________________________________________
ietf-822 mailing list
ietf-822(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf-822