On January 22, 2015 6:35:59 PM EST, Kurt Andersen <kb...@drkurt.com> wrote: >On Thu, Jan 22, 2015 at 3:30 PM, Scott Kitterman <skl...@kitterman.com> >wrote: > >> If I were configuring and SPF verifier to provide an input to DMARC >> processing, then I would probably configure it not to reject based on >SPF >> fail. Then the problem doesn't arise. >> >> This really is a non-issue. >> > > >Are you suggesting that the DMARC spec should say that people SHOULD >configure (some would say usurp) SPF in such a way? I seem to recall >some >contentious discussions about such usurpation during SPFbis (though I >could >be conflating arguments from another context).
Of course. Section 6.7 discusses this in general terms. If you want to only use SPF as an input to DMARC, then it wouldn't make sense to set up your system to reject mail just based on SPF. Specifying receiver policy was somewhat contentious in SPFbis. In the end, RFC7208 specifies almost, if not, exactly the same amount of receiver policy as did RFC4408 (almost none). Scott K _______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc