On Monday, December 6, 2021 2:01:10 PM EST Alessandro Vesely wrote: > On Mon 06/Dec/2021 14:29:02 +0100 Scott Kitterman wrote: > > On December 6, 2021 1:04:44 PM UTC, Todd Herr <todd.h...@valimail.com> wrote: > >>On Sat, Dec 4, 2021 at 5:35 PM Douglas Foster <dougfoster.emailstanda...@gmail.com> wrote: > >>> I have multiple objections to this paragraph in section 5.7.2 > >>> > >>> "Heuristics applied in the absence of use by a Domain Owner of either > >>> SPF > >>> or DKIM (e.g., [Best-Guess-SPF > >>> <https://www.ietf.org/archive/id/draft-ietf-dmarc-dmarcbis-04.html#Best > >>> -Guess-SPF> ]) SHOULD NOT be used, as it may be the case that the Domain > >>> Owner wishes a Message Receiver not to consider the results of that > >>> underlying > >>> authentication protocol at all." > >>> > >>> [snip] > >>> > >>> > >>> I think this text was inserted because of an open ticket when discussion > >>> was going nowhere and a new draft was created. Perhaps the originator > >>> of > >>> that ticket can elaborate on his thinking. > >> > >>To be clear, the text at issue is present in RFC 7489, Section 6.6.2. > >> > >>That doesn't make it immutable, of course... > >> > > Thanks for the clarification. I'd forgotten that was there. I definitely > > think it should be removed, regardless of the origin. > I assume you said one can locally evaluate Best-Guess-SPF, but should not > taint DMARC results by considering its outcome. That paragraph should then > be left there, no?
No. The so called best guess is no part of SPF. The document says use the SPF result. It's not an SPF result. There's nothing we can do to stop people from doing non-standard things. We already say what they should do for interoperability and protocol consistency. It's not feasible nor is it a good idea to attempt to enumerate the things people shouldn't do. I struggle to understand why this should be called out and not, to pick an example, Sender ID. I'd prefer we don't act as publicity for bad practices. Scott K _______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
