It appears that Alessandro Vesely <ves...@tana.it> said: >>>> The alternative I suggested is 100% compatible with the installed base. >>>> If a domain has published DMARC policy per RFC 7489, the proposed new >>>> approach will still find it. > >Yes, but would PSL-based DMARC filters have to be re-written, re-tested, >re-installed?
If we make any changes at all to DMARC, people will have to update their code. That's not a very compelling argument. >Another criterion, beside tree-walk and PSL, could be to look at the d= tag of >the DKIM signatures that are aligned with the From: domain. Would that be >semantically equivalent to the procedure described in the current Section >6.7.2? I don't understand what you're proposing. Are you saying to look for DMARC records at the d= domains in the signatures on a message? What if it has no signatures but might be SPF aligned? >The concept of Organizational Domain is still useful for receivers, as it >helps >setting up reputation databases. Sure. You get the org domain via the tree walk. > In this respect, the PSL is also useful >outside the DMARC protocol; for example, to get the organizational domain of >HELO arguments. I don't immediately see the utility of the org domain of the HELO unless you're checking SPF on a bounce, but why wouldn't you do the same tree walk? R's, John _______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc