moderated Re: Evaluating turning on DMARC #update


 

Mark,

malicious forwarding of list messages to people not subscribed to the
lists. ... I have just added a DMARC record with p=none for the
groups.io domain ...
This will work for those posters/recipients subject to DMARC rewriting, Digests, Summaries, and notices. But are those major contributors to the problem? GMF had a spate of reports a while ago of people mystified by misdirected group messages, and that seemed to revolve predominantly around AOL. Is that where this is aimed?

Normal group messages, where the header From has the posting member's domain not Groups.io's, will fail DMARC regardless of Groups.io's settings. Unless I've missed something. That's the case where we're Waiting for Godot. Er, I mean ARC.

If you have any specific objections to turning on DMARC, please let me
know.
The only concern that comes to mind is that this could be another step down a path that leads to rewriting all From headers. I'd really rather not see that outcome.

Shal

Join main@beta.groups.io to automatically receive all group messages.