On Dec 25, 2016, at 6:11 AM, Yoav Nir <ynir(_dot_)ietf(_at_)gmail(_dot_)com>
wrote:
A per-receiver setting is one extra step for new subscribers. That’s
something I’d rather avoid.
More importantly, recipients don't always know whether they need anti-DMARC
armour or not, and are neither responsible for nor consulted on potential
changes in the receiving domain's policies. Therefore, per-recipient policy
is unlikely to work well.
If message (subject and/or body) modification is a hard requirement, then
it seems that for now anti-DMARC measures are needed in the "From:" header.
FWIW, my view is that forgoing message modification is better than From
mangling.
The need for email origin authentication to specify that "Sender" preempts
"From" has been well understood for a long time before there there was DMARC.
If there is to be a non-broken replacement, it must correct this design error
and place the "burden" of dealing with that on any MUAs that fail to display
Sender (as e.g. from <sender> on behalf of <author>).
--
Viktor.