It appears that Mark Alley <[email protected]> said: >If an actor with mal-intent wanted to grief an organization identified >using one of these services that bill their services this way, they >could spoof unfathomable amounts of emails to receivers known to >generate Aggregate and/or Failure reports, and blow said customer's >paid-for DMARC reporting analytics licensing out of the water, and could >increase their costs for using the tool extremely high.
Please see the message I just sent. But in the meantime ... DMARC analysis services have existed for a decade. If this were a real problem, it would already have happened and they'd have figured out how to deal with it. Furthermore, even if it were a real problem, bad guys can sign their mail as easily as anyone else, so there's nothing we could put in the spec would help. Can we please stop inventing problems and finish up this document? It's way, way, past its sell date. R's, John _______________________________________________ dmarc mailing list -- [email protected] To unsubscribe send an email to [email protected]
