On Tue, Dec 1, 2020 at 8:43 PM Steven M Jones <s...@crash.com> wrote:

> On 12/1/20 4:16 PM, Douglas Foster wrote:
> >
> > I have always assumed that p=quarantine and pct<>100 were included to
> > provide political cover for "Nervous Nellies" who were afraid to
> > enable p=reject.
>
> p=none, p=quarantine, and the pct= option were all included so that
> organizations could set policies according to their own risk/reward
> evaluation, including changes to those evaluations over time.
>

Absolutely agree with Steve on this. The key phrase is "risk/reward
evaluation". As about the first person to publish DMARC records (before the
specification was public), I went straight to p=reject, but I had the
benefit of feedback from participating mailbox providers before we even had
an agreed-upon reporting format. Even with that, I missed one oddball
server for both DKIM signing and SPF. The organization I worked for had a
number of heavily abused domains from a direct domain abuse perspective.
None of the mail was going through mailing lists or other intermediaries
other than a very small fraction of a percent going through vanity domains,
etc. My point is that if my circumstances were different I might have gone
through p=quarantine or even stayed there permanently.

>
>
> > Pct<>100 is pretty much similar.   A sender can specify pct=20, but
> > that does not mean that I am going to allow spam into my system 80% of
> > the time simply to make the sender happy.
>
> I really hope no casual readers get the impression that DMARC bypasses
> spam filtering. DMARC evaluations are expected to be independent of spam
> evaluations. If there's any overlap here, perhaps it would be for DMARC
> (and/or underlying protocols) to provide reliable domain attribution to
> drive a local policy decision about filtering.
>

DMARC does one thing and one thing only - It mitigates direct domain abuse.
It does not stop spam, phishing or a multitude of other problems.

>
>
> > Leaving it deployed is a useful ruse to promote deployment.   I favor
> > leaving both mechanisms in place.
>
> While I deplore characterizing these policy elements as a "ruse," I
> agree that p=quarantine should be kept.
>

Again, I agree with Steve on this.

Michael Hammer
_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc
