On Mon, Sep 27, 2021 at 6:29 AM Douglas Foster <
dougfoster.emailstanda...@gmail.com> wrote:

> If a domain has an enforceable DMARC policy, and the message has no
> signature, then the policy interpretation would be equivalent to a "DO NOT
> FORWARD" order on postal mail.
>
> We expect that this action is probably not what the actual sender intends
> or what the final recipient wants, just what the policy recommends.  The
> forwarding mediator has incentives to please the final recipient, so he is
> unlikely to enforce a "Do Not Forward" request even if it is
> legitimately made.
>

DMARC deals with signals from domains, not individual users (except for the
edge case of personal domains). IETF standards deal with interoperability,
not crystal balls or psychic readings attempting to interpret the wishes of
individual users. If a Sending Domain publishes a policy, the Validator,
whether an Intermediary or a Receiving Domain, has the choice of respecting
the policy expressed by the Sending Domain or alternatively, exercising a
local policy choice contrary to the Sending Domain policy request. It
really is that simple. Trying to enshrine the basis for a multitude of
potential reasons for local policy choices in an IETF standard is a
guaranteed fail.


>
> Since this situation happens with some regularity, does it warrant some
> commentary in the specification?
>

The only appropriate commentary is a warning to Sending Domains which
choose to publish DMARC policy: "Be careful what you ask for. You might just
get what you ask". When people publish broken DNS records (A, MX, etc.) do
we tell others to guess the intent of the publishing domain? No, if one
sees a broken record and feels like it, they tell the domain registrant
(assuming the veil of opacity created by GDPR can be pierced) to fix their
DNS record.

Michael Hammer
_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc
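
The case discussed in this thread, an unsigned message relayed by a forwarder and checked against an enforcing policy, worked through as an added example that is not part of either poster's message. The record, domains and message fields are constructed, and the two-label organizational-domain lookup is a simplifying assumption (real validators use the Public Suffix List).

```python
# Added illustration: DMARC result vs. the disposition a validator applies.
# All sample data below is constructed.

def parse_dmarc(txt):
    """Parse a DMARC TXT record ("tag=value; ..." pairs) into a dict."""
    tags = {}
    for part in txt.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    if tags.get("v") != "DMARC1" or "p" not in tags:
        raise ValueError("not a usable DMARC record")
    return tags

def org_domain(domain):
    # Assumption: organizational domain = last two labels (no PSL lookup).
    return ".".join(domain.lower().rstrip(".").split(".")[-2:])

def aligned(auth_domain, from_domain, mode):
    """Strict mode ("s") needs an exact match; relaxed ("r") compares org domains."""
    if mode == "s":
        return auth_domain.lower() == from_domain.lower()
    return org_domain(auth_domain) == org_domain(from_domain)

def evaluate(msg, record, local_override=None):
    """Return the DMARC result, the policy the Sending Domain requested,
    and the disposition applied after any local policy choice."""
    tags = parse_dmarc(record)
    frm = msg["from_domain"]
    spf_ok = msg["spf_pass"] and aligned(
        msg["mail_from_domain"], frm, tags.get("aspf", "r"))
    dkim_ok = any(aligned(d, frm, tags.get("adkim", "r"))
                  for d in msg["dkim_pass_domains"])
    result = "pass" if (spf_ok or dkim_ok) else "fail"
    requested = tags["p"] if result == "fail" else None
    applied = local_override if (requested and local_override) else requested
    return {"dmarc": result, "requested": requested,
            "applied": applied, "overridden": applied != requested}

RECORD = "v=DMARC1; p=reject; adkim=r; aspf=r"
# Forwarded, no DKIM signature: SPF passes only for the forwarder's own domain.
FORWARDED = {"from_domain": "example.com", "mail_from_domain": "forwarder.example",
             "spf_pass": True, "dkim_pass_domains": []}
# Direct delivery with an aligned DKIM signature.
DIRECT = {"from_domain": "example.com", "mail_from_domain": "bounce.example.com",
          "spf_pass": True, "dkim_pass_domains": ["mail.example.com"]}

if __name__ == "__main__":
    print(evaluate(FORWARDED, RECORD))
    print(evaluate(FORWARDED, RECORD, local_override="quarantine"))
    print(evaluate(DIRECT, RECORD))
```
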
