In article <CABa8R6sbwPPR277=6key=gezkuxz7m5xk93o64zutnr0ek1...@mail.gmail.com> you write: >-=-=-=-=-=- > >We've also seen various banks and other large companies who seem to >specifically only use SPF with DMARC, as a way of disallowing forwarding, I >guess.
More likely their mail comes from a lot of places with hostile mail admins, and while the overall admins can observe the mail flows and add the source addresses to the SPF records, they can't make people sign stuff. At big banks the management structure often has a lot in common with that of the Holy Roman Empire, looks good from outside but actually nobody's in charge. >on DKIM directly that failed. DMARC added three things to those, From >header alignment, reporting nd SPF. Which of those made it more successful >than the previous >attempts, or was it just the parties involved in creating it, the timing, the >need getting big enough... who >knows. I'd lean toward the reporting, since that's what lets people have confidence that turning on DMARC won't break their mail too badly. That and there's a lot more phishing now than there was when we did ADSP. R's, John _______________________________________________ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
