In article <by5pr13mb2999ad95b4bd7c80971fda4fd7...@by5pr13mb2999.namprd13.prod.outlook.com> you write: >I feel like what is happening sometimes is that central university IT is >trying to drag their whole institutions into a >more secure posture before anybody in a position to stop them fully >understands what's going on lest they be told to >stop because it might make things a little inconvenient.
I was with you up until that sentence, since it trivializes the real problems that overly strict DMARC policies cause. Just yesterday I was sorting out a problem with people trying to finish editing a revised IETF standard about real-time web applications. Some of the authors' messages were disappearing, apparently at random. I saw what the problem was, one of the authors is at a big company whose IT department insists on p=reject (and has blown off complaints from fairly senior people about the problems it causes), the other uses an MIT alumni address that recently moved its hosting to Microsoft without telling anyone that the new host enforces DMARC policy while the old one didn't. My guess is that MIT figured Microsoft will host this for free, that's great, totally unaware that some of its users' mail would silently break. I told them as a workaround they needed to directly cc each other when they send anything to the group list, but the whole thing is a self-inflicted wound. R's, John _______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
