> On Apr 1, 2023, at 7:17 AM, Jim Fenton <fen...@bluepopcorn.net> wrote:
>
> Not picking on Murray here, but his message was the most recent that talked
> about p=reject with respect to non-transactional email:
>
> On 1 Apr 2023, at 15:53, Murray S. Kucherawy wrote:
>
>> If we use SHOULD NOT, as you suggest, there's an implication that there
>> might be a valid reason for non-transactional mail to use "p=reject". Are
>> we okay with that?
>
> We shouldn’t be assuming that mailing lists are the only cause of breakage
> for DMARC, and that transactional email is unimpacted by a p=reject policy.
>
> Some people use email forwarders so that they can have an email address
> that’s consistent if they change the email provider where their email is
> actually received. Sometimes they do this for “branding” reasons as well,
> such as to indicate their association with an organization or alumni
> association. Some of these email providers break DKIM signatures along the
> way.

+1

> I have several such forwarding addresses, one of which is @alum.mit.edu,
> which breaks my DKIM signatures when I send a message to myself. If I used
> that address to receive transactional email from a domain with p=reject, and
> if my actual email provider enforced DMARC, I might not receive transactional
> email.

How many reader/writers (MUAs) do you use? I have almost every scenario possible.

With hosted domains, the owners like to use the MUA of an ESP, i.e. gmail, to consolidate their MUA activity under one reader/writer. This means forwarding mail to the ESP for most immediate notification. This was fine until the ESP began to honor DMARC restrictive policies and the forwarded mail is either rejected or put into a spam box. The domain authorized MTA is now penalized with dubious and false positive/negative reputation blacklisting, creating an increased cost on support and cleanup.

Among solutions, advising a customer to move their domain hosting to their MUA ESP hosting services is an anti-trust, anti-competition non-starter. Advising them to use their ESP mail pickup facility, i.e. pop3, is the solution — delayed delivery but it solves the problem for restrictive DMARC domains.

Among the top ESP domain policies:

hotmail.com     p=none
yahoo.com       p=reject
gmail.com       p=none sp=quarantine
aol.com         p=reject
outlook.com     p=none sp=quarantine
msn.com         p=none sp=quarantine
bellsouth.net   p=none sp=quarantine
verizon.net     p=reject

Verizon.net, aol, bellsouth.net are hosted by yahoo.com as an MX and HTML MUA.

— HLS
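
The forwarding failure discussed in the message above, as an added example that is not part of the original post: a receiver's DMARC decision for forwarded mail, using the p=/sp= values from the list. Assumptions: the records are minimal reconstructions of the listed policies, the organizational domain is supplied by the caller, and pct= handling is left out.

```python
# Policies exactly as listed in the message, written as minimal DMARC records.
# Constructed records: the domains' published TXT records carry more tags.
LISTED = {
    "hotmail.com": "v=DMARC1; p=none",
    "yahoo.com": "v=DMARC1; p=reject",
    "gmail.com": "v=DMARC1; p=none; sp=quarantine",
    "aol.com": "v=DMARC1; p=reject",
    "outlook.com": "v=DMARC1; p=none; sp=quarantine",
    "msn.com": "v=DMARC1; p=none; sp=quarantine",
    "bellsouth.net": "v=DMARC1; p=none; sp=quarantine",
    "verizon.net": "v=DMARC1; p=reject",
}
VALID = {"none", "quarantine", "reject"}

def parse_dmarc(record):
    """Split a DMARC TXT record into tags; require v=DMARC1 and a valid p=."""
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    if tags.get("v") != "DMARC1" or tags.get("p", "").lower() not in VALID:
        raise ValueError("not a usable DMARC record: %r" % record)
    return tags

def requested_policy(from_domain, org_domain, tags):
    """sp= covers subdomains of the organizational domain; without it, p= applies."""
    if from_domain.lower() != org_domain.lower():
        return tags.get("sp", tags["p"]).lower()
    return tags["p"].lower()

def disposition(from_domain, org_domain, spf_aligned, dkim_aligned):
    """DMARC passes if either mechanism passes in alignment; otherwise the
    domain's requested policy is what an enforcing receiver applies."""
    tags = parse_dmarc(LISTED[org_domain])
    if spf_aligned or dkim_aligned:
        return "pass"
    return requested_policy(from_domain, org_domain, tags)

def after_forwarding(from_domain, org_domain, dkim_survives):
    """A forwarder relays from its own hosts, so no SPF pass aligns with the
    author domain any more; only an intact DKIM signature can carry DMARC."""
    return disposition(from_domain, org_domain, False, dkim_survives)

if __name__ == "__main__":
    for domain in LISTED:
        print(domain, after_forwarding(domain, domain, dkim_survives=False))
```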