On Mon, 24 May 2021, Dave Crocker wrote:
That is, the main motivation for ARC is to provide a plausible basis for
paying attention to DMARC, even when its underlying authentication mechanism
are broken by the time they show up at the receiver.
Yes. that's a better way to put it.
I asked somone from a Large Mail Provider that since they know where the
mailing lists are, why not just whitelist them. The answer was that a lot
of spam leaks through lists, since they typically just check that the
From: address is a subscriber. ARC lets them look back and see if the
message was DMARC aligned when it arrived at the mailing list and do the
filtering that the mailing list didn't.
Regards,
John Levine, johnl(_at_)taugh(_dot_)com, Taughannock Networks, Trumansburg NY
Please consider the environment before reading this e-mail. https://jl.ly
_______________________________________________
ietf-smtp mailing list
ietf-smtp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf-smtp