On 11/13/20 9:03 AM, dotz...@gmail.com wrote: > > > On Fri, Nov 13, 2020 at 9:46 AM Joseph Brennan <bren...@columbia.edu > <mailto:bren...@columbia.edu>> wrote: > > > > As another case, would people be surprised that email for the > medical center cumc.columbia.edu <http://cumc.columbia.edu> is a separate > system managed by a separate IT group from columbia.edu > <http://columbia.edu>, and that any authentication for one should not be > applied to the other? I don't think this is unique in large decentralized > universities. The real email world is a complicated place. > > > The simple solution is for cumc.columbia.edu > <http://cumc.columbia.edu>to publish its own record. Done. > > Michael Hammer > > > I don't think I have the right to force the owner of another domain to > publish dmarc. The owner of the other domain may want to allow users in their > domain to contribute to lists and groups without having their messages > rejected, or mangled by well-intentioned workarounds. This is not simple. > This is a real-world case with the domains ending columbia.edu > <http://columbia.edu>. > > > If CUMC publishes a DMARC record for cumc.columbia.edu > <http://cumc.columbia.edu>, how is it forcing another domain to do anything? > As far as "owner of a domain", If Columbia University registered the domain > columbia.edu <http://columbia.edu>, then CUMC is using the subdomain because > Columbia University is allowing it to, presumably through some sort of > written agreement. A technical standards body cannot address business and > contractual arrangement in the manner you appear to be asking. If Columbia > University stopped delegating the subdomain cumc.columbia.edu > <http://cumc.columbia.edu>, would you turn to the IETF for redress?
You can't think of universities as single entities with central management authority. For the longest time our CS department owned wisc.edu and central IT had to ask them for permission to use it for campus-wide email. Yes, 3rd level domains should be encouraged to publish DMARC records for their domains to reflect how they are being used, and putting p=none not a big ask of them. The departmental IT who understand DMARC immediately ask: "How do I publish a subdomain policy? Oh, I can't? Well, you better not ever change sp=none at the org domain." Jesse _______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
