Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Dependency Removal

2023-06-27 Thread Hector Santos
Doug, this is Wildcat! SMTP - one of the oldest SMPT packages around. Summary here: Without some signal at wcSMTP about DMARC, SPF will most likely remain a hard rejection at WCSAP/SMTP (at RCPT state) before DMARC at DATA Background: Since 2003, out of the box, Wildcat! SMTP with add-on

Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Dependency Removal

2023-06-27 Thread Hector Santos
+1 > On Jun 27, 2023, at 11:06 AM, Tobias Herkula > wrote: > > Signing That, nothing to add. > > -Original Message- > From: dmarc On Behalf Of Barry Leiba > Sent: Tuesday, June 27, 2023 4:24 PM > To: Alessandro Vesely > Cc: dmarc@ietf.org > Subject: Re: [dmarc-ietf] easier DKIM,

Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Dependency Removal

2023-06-27 Thread Hector Santos
Since 2003, here is my out of the box, Wildcat! SMTP with wcSAP and wcDKIM add-on support, mail flow: (Note: for the record, email is a small Part, but a supportive part for many customer operations) At SMTP, starting with connection 1) If Enabled, Check for DNS-RBL IP check, respond at step

Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Dependency Removal

2023-06-27 Thread Tobias Herkula
Signing That, nothing to add. -Original Message- From: dmarc On Behalf Of Barry Leiba Sent: Tuesday, June 27, 2023 4:24 PM To: Alessandro Vesely Cc: dmarc@ietf.org Subject: Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Dependency Removal I don't understand how most of your message fits

Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Dependency Removal

2023-06-27 Thread Barry Leiba
I don't understand how most of your message fits into this discussion: you're comparing SPF's policy points with DMARC policy. we're talking about SPF as an authentication mechanism together with DKIM (not DMARC) as an authentication mechanism... and then using those authentication results in

Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Dependency Removal

2023-06-27 Thread Douglas Foster
Ale, here is an attempt at a formal model. Application to the current question is at the very end. Any test (DKIM, SPF, ARC) has these result possibilities: - Pass - No data or uncertain result - Fail The test results are imperfect, so we have to consider these probabilities

Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Dependency Removal

2023-06-27 Thread Alessandro Vesely
On Mon 26/Jun/2023 20:13:53 +0200 Barry Leiba wrote: I'm saying I don't want "and" to be an option, because I think it's damaging to DMARC. There is no reason anyone should ever want to say that, and providing the option asks for misconfigurations because people think it's somehow "more

Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Dependency Removal

2023-06-27 Thread Alessandro Vesely
On Mon 26/Jun/2023 19:32:53 +0200 Douglas Foster wrote: DKIM+SPF says "our domain, including subdomains covered by this policy, will never use an ESP". (Since most ESP messages pass SPF based on the ESP domain) ESPs can provide include files for those who wish otherwise. Best Ale --