I didn’t we need to mention the type of people, organization, etc. “This is particularly important because SPF will always fail in situations where mail is forwarded.”
The issue applies to all. > On Apr 13, 2023, at 12:04 PM, Todd Herr > <todd.herr=40valimail....@dmarc.ietf.org> wrote: > > On Thu, Apr 13, 2023 at 11:21 AM Barry Leiba <barryle...@computer.org > <mailto:barryle...@computer.org>> wrote: >> > Anyone who does forwarding is damaged by DMARC because there are a lot of >> > people who do DMARC on the cheap with SPF only. >> >> This brings up another issue, I think: that there should also be >> stronger advice that using DKIM is critical to DMARC reliability, and >> using SPF only, without DKIM, is strongly NOT RECOMMENDED. >> > I don't disagree. > > How do we make the following text stronger? > 5.5.2. > <https://www.ietf.org/archive/id/draft-ietf-dmarc-dmarcbis-27.html#section-5.5.2>Configure > Sending System for DKIM Signing Using an Aligned Domain > <https://www.ietf.org/archive/id/draft-ietf-dmarc-dmarcbis-27.html#name-configure-sending-system-fo> > While it is possible to secure a DMARC pass verdict based on only one of SPF > or DKIM, it is commonly accepted best practice to ensure that both > authentication mechanisms are in place to guard against failure of just one > of them. > > This is particularly important because SPF will always fail in situations > where mail is sent to a forwarding address offered by a professional society, > school or other institution, where the address simply relays the message to > the recipient's current "real" address. Many recipients use such addresses > and with SPF alone and not DKIM, messages sent to such users will always > produce DMARC fail. > <https://www.ietf.org/archive/id/draft-ietf-dmarc-dmarcbis-27.html#section-5.5.2-2> > The Domain Owner SHOULD choose a DKIM-Signing domain (i.e., the d= domain in > the DKIM-Signature header) that aligns with the Author Domain. > > > > -- > Todd Herr | Technical Director, Standards and Ecosystem > e: todd.h...@valimail.com <mailto:todd.h...@valimail.com> > m: 703.220.4153 > > This email and all data transmitted with it contains confidential and/or > proprietary information intended solely for the use of individual(s) > authorized to receive it. If you are not an intended and authorized recipient > you are hereby notified of any use, disclosure, copying or distribution of > the information included in this transmission is prohibited and may be > unlawful. Please immediately notify the sender by replying to this email and > then delete it from your system. > _______________________________________________ > dmarc mailing list > dmarc@ietf.org > https://www.ietf.org/mailman/listinfo/dmarc
_______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
