I've been running email servers for 25 years. My number 1 priority is that legitimate mail gets through. Stopping the bad stuff is very important but not number 1. Does DMARC causes legitimate mail to fail? Yes, so to me it's a fail.
I can understand the transactional mail case, as I stated in previous messages. The burden is on the businesses implementing DMARC protection to inform customers to give their real end-point email addresses and not any vanity forwarding services. Any two sides can agree between them on some optional additional security measure. It's a good thing. For general end-user mail? It's a bad thing. It will cause email to fail, and it will cause people not drinking the DMARC kool-aid to implement crazy non-standard things with From headers to make email work the way it should work without crazy workarounds. I see no reason that the DMARC standard should not spell out explicitly the use case that it is intended to meet, and recommend against using it for other use cases. I realize that this was said ten years ago (or whatever it was) when yahoo/aol began abusing DMARC. But see how that went. The problem was not really DMARC at all, it was abuse of DMARC. -- Joseph Brennan Lead, Email and Systems Applications Columbia University Information Technology
_______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
