On 2024-01-04 16:52:58 +0100 (+0100), Daniel Gröber wrote: [...] > Any good reason we cannot look at the MX domain (or in the worst case) ASN > associated with mailserver IP to special case particularly offensive > implementations such as this if looking at the DMARC policy works in the > average case? [...] Unfortunately not. An example I know of is Red Hat's corporate E-mail, they use a third-party filter (Mimecast) as their MX which then forwards to their custom domain on Gmail. As a mailing list admin in some popular open source communities, I've become all too familiar with these challenges. It doesn't help that the situation changes month-to-month, so what you decide today may suddenly stop working any moment and you're back to square one. The cynic in me says that the mass freemail providers slipped these policy frameworks in as a sort of Trojan Horse, promising to fix "the spam problem" when their real goal was poisoning the well we're all drinking from and then setting themselves up as the only safe supply of drinking water. They're all too happy to propose standards when they want other operators to do something, but then willfully ignore those same standards whenever it suits their purposes. -- Jeremy Stanley
Attachment:
signature.asc
Description: PGP signature