On Fri, Sep 12, 2014 at 05:34:06AM +0000, Christian Huitema wrote:
>
> The big change with DMARC is a deprecation of the Sender/From
> differentiation, effectively requiring that these two will be the
> same. It seems that big systems have voted that the differentiation
> causes more harm (spam, phish) than good (remailers).
>
> Of the responses listed, the one that clearly works is to ask
> forwarders to forward messages, what the wiki calls "message
> wrapping." It works in the sense that the mail system sees
> consistent headers that pass all verifications, and represent the
> actual action of the remailer while not relying on Sender/From
> differences.
>
> At that point, the issue is mostly with the UI. If my reader did
> recognize the "simple forwarding" case from "authorized remailers,"
> then the message wrapping solution would be just fine. The good
> thing is that it is very much under my control.

But unfortunately, once the UI recognizes this case, would we not be imposing harm vis-a-vis phishing in particular? And then DMARC Mark II (as it were) would have to prohibit the wrapping and require a wrap of a wrap, etc. There's no way of winning this.

But if we are going to go down this path, it would be useful to discuss what the UI would look at that meets the needs of mailing lists, but without potential harm of phishing.

-Ted