On Sunday, April 13, 2014 1:31 AM, Franck Martin wrote:
>> my email actually fails 98%. but who cares about me, i'm no facebook sending >> to yahoo, right? or yahoo sending to google... or some other big sending to >> some other big... or whatever. > Don't publish a DMARC policy which is detrimental to you... it's "p=none". how is that detrimental to me? i don't plan changing it to "reject" anytime soon. dmarc still fails. and who will warrant me that some big esp doesn't get all self-righteous and simply ignores my dmarc policy, instead choosing to process my email according to its dmarc fail status? who says yahoo won't just decide my email is a spam, that my domain is publishing "none" as any good phisher would, and then simply process my email using dmarc filters, regardless of my dmarc policy? obviously a spec that isn't even a standard can't rly warrant me such a thing, similarly to how yahoo doesn't care about obvious shortcoming in the current spec, or even less, its recommendations. let's all force our beliefs on world like yahoo did, and hope tranquility will be the result. pretty childish thinking. > Also please correct your DMARC record, it is invalid: > https://dmarcian.com/dmarc-inspector/goodone.tk my dmarc record is perfectly valid, as per current spec. what's broken is dmarcian.com check algorithm, which i reported to them two months ago, and they acknowledged it. why they didn't fix it yet, isn't my problem, but my record is following current spec. i expected more from ppl on this list... u don't even know the spec, yet u argue about it. great work all. just wonderful. the only benefit from all dmarc crap for me is "fo=d:s" reporting policy. at least i get reports when spf and/or dkim fail. dmarc alignment will always fail for me. yet my infrastructure isn't at all rare, unique or uncommon, but actually pretty used practice. so, at least i can disable dmarc processing with "p=none" and that's my recommendation to all who believe in wide legitimacy of email natures. you never know if recipients use forwarding without SRS, or whether their infrastructure breaks DKIM, or even what type of SPF check they r doing, cause even current SPF spec is defining evaluation uncertainties. with "p=reject" policy your important email to some geeky admin on another side of the planet may simply get lost, just because u have no control on how ur email gets delivered or validated on their side. one forward here, one anti-spam added header there, and walla, u r phishing from ur own email account. congratulations. no phisher would do it better. -- Vlatko Salaj aka goodone http://goodone.tk _______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
