On 05/30/2014 11:28 AM, Stephen J. Turnbull wrote: > I am of the opinion that the technical DMARC protocols (including > "p=reject") are fine. I have not heard of any complaint about use by > banks (Bank of America joined the ranks of "p=reject" banks some time > in the last 10 days AFAICT). Have there been any?
Disclosure: Technically I could be considered on BofA payroll through tomorrow. In essence I stopped being their employee earlier this year. While BofA does have some domains with "p=reject" they had not, so far as I know, published such a policy on a domain that sent email as part of a product or service. There were at least two product teams that were working to do so, and one of them had a "p=quarantine" published but hadn't solidified plans of when they would start sending email. The fact that this hadn't happened by nearly two years after the first release of the DMARC spec was not because I wasn't pushing for it... If you really want to know, I would look for anecdotes around JPMChase, who managed to publish "p=reject" for many if not all of their most visible production domains over a year ago, if I have the timeframe right. But I'm not aware of any complaints about DMARC when used in the manner you're referring to. --Steve. _______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
