Hi,
I don't understand the second paragraph:
A Domain Owner or PSO may choose not to participate in DMARC
evaluation by Mail Receivers simply by not publishing an appropriate
DNS TXT record for its domain(s). A Domain Owner can also choose to
not have some underlying authentication technologies apply to DMARC
evaluation of its domain(s). In this case, the Domain Owner simply
declines to advertise participation in those schemes. For example,
if the results of path authorization checks ought not be considered
as part of the overall DMARC result for a given Author Domain, then
the Domain Owner does not publish an SPF policy record that can
produce an SPF pass result.
Trying to dissuade people from participating in SPF or DKIM authentication
because they don't want DMARC does not convince me. How about the following:
Often, a Domain Controller may choose to not participate in DMARC evaluation
by Mail Receivers simply by not publishing an appropriate DNS TXT record for
its domain(s). However, there are cases where its Public Suffix Operator
(PSO) does publish a DMARC record, which would also involve domains below
which don't publish a DMARC record. Although PSOs publishing such records
presumably know what they're doing, a Domain Owner may still not want to
participate. In that case, it can publish a DMARC record overriding policy
and report dispositions.
Best
Ale
--
_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc
