On 03/24/2015 01:38 PM, J. Gomez wrote: > I do not agree. As long a major ESPs downgrade p=reject to p=quarantine or > even p=none on reception of email which fails DMARC checks from domains whose > Owner has published p=reject, DMARC is little more than a reporting protocol > as Vlatko Salaj has already said in another post to this list. Which is nice, > but is not a "success as an implemented technology in the real world" for > DMARC, because DMARC aims to be more than just a reporting tool.
DMARC is not some declaration of the divine right of domain owners to exercise absolute control over any message where their domain appears. DMARC is a protocol that enables domain owners/senders and receivers to *collaborate* in detecting and eliminating fraudulent messages that claim to originate from a given domain. There is implicit and explicit give-and-take in that relationship. Policy expressions from domain owners ("p=reject") are requests - ones that are followed in most cases - but no receiver is offering an unreserved, 100% guarantee that they won't act otherwise when they feel doing so is in the best interest of their users. The fact that receivers can and will do what they think best, even in the face of a given policy request, runs throughout the DMARC specification. > In fact, I think that if at the end of all this process we cannot find a way > to make p=reject to be reliably relied on, then p=reject should be suppressed > from the DMARC formal specification, as p=reject would effectively be equal > to p=do-whatever-who-cares. Again, in my experience, receivers do honor policy assertions in an overwhelming majority of cases. The reporting mechanisms in DMARC are there to help domain owners/senders improve the authentication rates of their legitimate mailflows - so the receivers can block more fraudulent messages, more reliably. Without the support for so-called "blocking policies," you have eliminated the reason for receivers to pay for complex, expensive DMARC filtering and reporting. --Steve. _______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc