On Fri, Dec 3, 2021 at 12:40 PM Alessandro Vesely <ves...@tana.it> wrote:
> Hi,
>
> last message for today: the "t" tag instead of "pct".
>
> That's the only part which breaks existing records. According to the last
> paragraph of this section, doing so requires v=DMARC2.
>
I'm not sure I agree with your assertion here. I'm assuming you're
referring to this paragraph:
Note that given the rules of the previous paragraph, addition of a
new tag into the registered list of tags does not itself require a
new version of DMARC to be generated (with a corresponding change to
the "v" tag's value), but a change to any existing tags does require
a new version of DMARC.
I contend that introducing 't' to replace 'pct' is not a change to an
existing tag but rather an addition of a new tag.
If you're contending that removing 'pct' is a change to 'pct', we can have
that conversation, but I don't know that I'd agree with that contention
either. There are other tags, namely 'rf' and 'ri', for which removal has
been proposed and I've not heard anyone contend that either of those
removals would constitute a change requiring a new version.
> Given also that we discovered use cases that were not considered during
> the
> hasty discussion that resulted in the decision to change tags, cases where
> pct=x with 0 < x < 100 is used as a press, gradually increasing x in order
> to
> urge various departments to comply, exactly as specified in DMARC1, I
> appeal to
> revert that decision.
>
>
>
We can have this conversation too. I will promise, however, that if the
group decides to keep 'pct', I will absolutely insist that the first
sentence in its definition be changed. Somehow, RFC 7489 got released with
this text:
pct: (plain-text integer between 0 and 100, inclusive; OPTIONAL;
default is 100). Percentage of messages from the Domain Owner's
mail stream to which the DMARC policy is to be applied.
And I will go to my grave stating that DMARC policies cannot be applied to
messages that pass DMARC authentication checks, and the definitions of
'quarantine' and 'reject' explicitly refer to messages that fail DMARC
authentication checks.
The sentence should read something like this:
Percentage of messages using the Domain Owner's domain and failing DMARC
authentication checks to which the DMARC policy is to be applied.
--
*Todd Herr * | Technical Director, Standards and Ecosystem
*e:* todd.h...@valimail.com
*m:* 703.220.4153
This email and all data transmitted with it contains confidential and/or
proprietary information intended solely for the use of individual(s)
authorized to receive it. If you are not an intended and authorized
recipient you are hereby notified of any use, disclosure, copying or
distribution of the information included in this transmission is prohibited
and may be unlawful. Please immediately notify the sender by replying to
this email and then delete it from your system.
_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc
