On Apr 21, 2014, at 9:42 AM, Dave Crocker <dhc@xxxxxxxxxxxx> wrote: On 4/21/2014 9:36 AM, John Levine wrote:They could fix it if they Dear Dave, Each domain can simply point to their desired white-list. This can be one published directly or simply referenced as described in: This has elements from the moribund ADSP. The sender wishing to protect a domain while also applying policy like that of ADSP or DMARC can offer receivers a rapid and scalable method to check third-party domain authorizations. This means senders are always able to defend recipients who trust messages from their domain. Please note, authorizations can also require presence of a List-ID. Other schemes, such as SRS, end up treating third-parties the same, which never works. Perhaps being a bit crass, those who have decided to adopt DMARC for their user accounts have a vested interest in seeing mailing-lists fail. Their revenue is often based on ads displayed in a user's browser. Forcing use of some social web site has an advantage of injecting ads while also balkanizing group efforts. Is the IETF ready to offer their own version of a social website or start an email version of a three-card monte game of "Where is the From? Must all other group endeavors demand some social allegiance or can these sites become federated using something like XMPP and give up on email? Regards, Douglas Otis |