On Thu, 27 Dec 2018 11:06:59 -0500 John C Klensin wrote:
> --On Thursday, December 27, 2018 13:21 +0100 Jan Ingvoldstad via
> Exim-users <exim-users@???> wrote:
>
> > They are ways
> >> to ensure "safe" mail delivery. I think of them as advanced
> >> methods of ensuring the Internet is clean from spam, so they
> >> are actually addons for mitigating spam.
> >
> > These do not mitigate spam.
> >
> > They mitigate sender address fraud.
> >
> > There's TONS of spam from DMARC verified signed sources.
> > Google. Yahoo. As well as a bazillion custom domain names
> > created over the past years.
> >
> > Please don't perpetuate the pretense that this is about spam.
>
> Exactly.
>
> Also one more thing that should be added to the "why
> experimental now" list: DMARC is rather seriously defective in
> a number of ways and it is not clear that propagating its
> increased use is in anyone's best interests other than,
> possibly, those very large email providers who foisted it on the
> community (none of whom, AFAIK, are running Exim). ARC should
> be better although how much better is still unclear. But its
> specifications are still a bit unstable and the one in the
> publication queue (and going nowhere fast due to reference
> dependencies) is formally experimental. That all translates
> into features with bleeding-edge specs almost certainly should
> require some serious effort to turn on in Exim.
>
While I 200% agree with the statement above in regards to all the
sentiments about the questionable nature/utility and in particular the ham
fisted approach with which this was foisted upon us, the head in the
sand approach isn't the way forward either.
Especially for those of use whose job it is to supply/support large scale
mail systems.
As for Jeremy, I'll probably go and do the operational deployment at least
on some secondary MXs, but can't help with the buildfarm bits.
Regards,
Christian
--
Christian Balzer Network/Systems Engineer
chibi@??? Rakuten Communications
