[Mailman-Developers] Two more DMARC mitigations
Jim Popovitch
jimpop at gmail.com
Fri Jun 13 00:22:13 CEST 2014
On Thu, Jun 12, 2014 at 6:02 PM, Stephen J. Turnbull <stephen at xemacs.org> wrote:
>
> A senior admin at Yahoo! was very clear on damrc at ietf that they want
> their vanilla users covered by "p=reject" because the threat model
> (which is not phishing, it's "recommended by friend" spam) involves user
> mailboxes.
Yeah, I follow that. BUT... a very senior architect of DMARC
established the DMARC spec for non-user mail and specifically
recommended that user mail be moved to a non-DMARC signed
domain/subdomain. AND THEN, a (that very same senior admin?) Yahoo!
employee got involved in the DMARC spec and it became the bastardized
DMARC spec. I relish in pointing this out from time to time, thank
you for the oppty to do it again. ;-)
-Jim P.
More information about the Mailman-Developers
mailing list