Personally, I have no interest in defining this stuff but in practice, there are a lot of places where people are instructed to "implement DMARC", and it would be nice to encourage them to do more than publish a lame SPF record and p=reject.
R's, John In article <e516b4ec-7d0e-4b46-842c-c15f6663d...@wordtothewise.com> you write: >> As a straw man to start conversation (assume this is all wrong): >> >> The domain owner: >> - partially participating: valid record? >> - complete participation: no part of the domain hierarchy can be spoofed >> by an unauthenticated sender? >> >> The receiver/MTA: >> - partially participating: validates DMARC? >> - complete participation: validates DMARC and ARC, and sends aggregate >> reports? >> >> The intermediary (is this different than a receiver?): >> - partially: validates DMARC? >> - complete participation: validates DMARC and validates and seals ARC? > >The service provider / outgoing MTA (think SendGrid or other bulk MTAs) >- partially participating: allows domain owner to verify using DKIM or SPF >- fully participating: allows domain owner to verify using both DKIM and SPF _______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
