Michael Jack Assels writes: > A domain SHOULD NOT publish a p=reject policy if it will emit mail > intended to be mediated with modifications by another domain unless > the mediating domain is exempted from the policy by [fill in the > eventually approved mechanism(s)].
That won't work; you don't want to exempt mediating domains, you want to exempt specific mail flows destined for those domains. Anyway, I seem to recall that discouraging wording was in drafts around a year ago (but not at the level of SHOULD NOT, since searching for SHOULD NOT doesn't find it). But even a SHOULD NOT wouldn't have any effect, as representatives of the "errant domains" take the postion that "we didn't *want* to, but we were *forced* to publish p=reject". > That would at least nudge errant ESPs away from their misguided > ways, Yahoo! claims that malicious mail flows of over 1 million messages per minute went away like magic when they published p=reject. An RFC nudge won't be noticed compared to the business consequences of that. > and the rest of us can honor p=reject without losing any > sleep over it. But that's not a problem any more. Go ahead, honor p=reject. Mailing lists have been forced to adopt mitigation measures because the errant domains themselves honor p=reject, and I don't know what 3rd-party originators have done -- mostly closed up shop, I suppose. _______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
