On Fri, Dec 3, 2021 at 12:40 PM Alessandro Vesely <ves...@tana.it> wrote:
> Hi, > > last message for today: the "t" tag instead of "pct". > > That's the only part which breaks existing records. According to the last > paragraph of this section, doing so requires v=DMARC2. > I'm not sure I agree with your assertion here. I'm assuming you're referring to this paragraph: Note that given the rules of the previous paragraph, addition of a new tag into the registered list of tags does not itself require a new version of DMARC to be generated (with a corresponding change to the "v" tag's value), but a change to any existing tags does require a new version of DMARC. I contend that introducing 't' to replace 'pct' is not a change to an existing tag but rather an addition of a new tag. If you're contending that removing 'pct' is a change to 'pct', we can have that conversation, but I don't know that I'd agree with that contention either. There are other tags, namely 'rf' and 'ri', for which removal has been proposed and I've not heard anyone contend that either of those removals would constitute a change requiring a new version. > Given also that we discovered use cases that were not considered during > the > hasty discussion that resulted in the decision to change tags, cases where > pct=x with 0 < x < 100 is used as a press, gradually increasing x in order > to > urge various departments to comply, exactly as specified in DMARC1, I > appeal to > revert that decision. > > > We can have this conversation too. I will promise, however, that if the group decides to keep 'pct', I will absolutely insist that the first sentence in its definition be changed. Somehow, RFC 7489 got released with this text: pct: (plain-text integer between 0 and 100, inclusive; OPTIONAL; default is 100). Percentage of messages from the Domain Owner's mail stream to which the DMARC policy is to be applied. And I will go to my grave stating that DMARC policies cannot be applied to messages that pass DMARC authentication checks, and the definitions of 'quarantine' and 'reject' explicitly refer to messages that fail DMARC authentication checks. The sentence should read something like this: Percentage of messages using the Domain Owner's domain and failing DMARC authentication checks to which the DMARC policy is to be applied. -- *Todd Herr * | Technical Director, Standards and Ecosystem *e:* todd.h...@valimail.com *m:* 703.220.4153 This email and all data transmitted with it contains confidential and/or proprietary information intended solely for the use of individual(s) authorized to receive it. If you are not an intended and authorized recipient you are hereby notified of any use, disclosure, copying or distribution of the information included in this transmission is prohibited and may be unlawful. Please immediately notify the sender by replying to this email and then delete it from your system.
_______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc