On Fri, Jan 15, 2016 at 04:54:22PM +1100, Craig Sanders via luv-main wrote:
On Thu, Jan 14, 2016 at 08:56:52PM -0500, Jason White wrote:
Russell Coker via luv-main <luv-main@luv.asn.au> wrote:
[...] And worse, DKIM cares about the From: header rather than the Sender: header.
I'm assuming this was one of those places where you meant DMARC, because DKIM only cares about what you tell it to sign (or not, for that matter)
This is just broken in every possible way.
Yes. I'd appreciate it if people would stop acting like I'm doing something I want to do here. I just want mail to go through reliably and I'm doing what is necessary to achieve that goal.
[...] That's entirely the wrong thing to do. those who contribute may well stop bothering if they get annoyed enough, [...] driving away those who write the posts (that both they and the lurkers read) is self-defeating.
Conversely, it's actually caused me to contribute more than usual, merely to express said annoyance, I'm not sure I want to burn any more calories bothering in future, and have certainly considered unsubscribing.
Widespread use of DMARC will result in changes to well established conventions.
IMO it's an attempt by major corporate players to completely take over email so that no email is ever sent that they don't get a copy of to examine and index and use to build up profiles on individuals.
If we're being generous, it's probably just a pleasant side affect. However, I'm yet to see many
and to sell to the NSA etc of course.
Message forgery is a solved problem. SPF works. DKIM is a) overkill and b) unnecesary.
If individual senders need more identity verification than SPF, there are numerous encryption and signing options available....with support built in to many MUAs.
Agreed, PGP/GPG and S/MIME solved this long ago, with the added benefit of end-to-end encryption.
[...] those who refuse to learn from history are doomed to repeat the same damned stupid mistakes. This issue was settled definitively in the 90s.
Well said.
[...]