On Wed, Jan 19, 2022 at 8:26 AM Douglas Foster <[email protected]> wrote:

> I have been trying to understand why such a big disconnect is possible
> between my usage of DMARC data and the standard one. I have concluded
> that it occurs because we are dealing with two protocols, not one, and the
> standard view conflates them unnecessarily. The first protocol is the
> algorithm for detecting DMARC PASS, and the second protocol is the
> algorithm for handling DMARC FAIL.
>

No. There is one protocol - DMARC, and the application of that protocol can nominally produce two results - PASS or FAIL. The protocol defines the methods for arriving at those results, and offers the domain owner the opportunity to publish its opinion on what should be done with messages producing a FAIL verdict, but does not mandate any behavior for FAIL verdicts, nor should it. Message handling decisions will always, always, always be at the discretion of the receiving domain; their network, their rules.

[snip]

> The two protocols are largely independent. A domain owner could publish
> nothing for SPF and DKIM, then publish a P=REJECT policy, to indicate that
> it never sends mail from a particular subdomain name. It could also
> publish SPF and DKIM information to allow some messages to be
> authenticated, yet publish no DMARC policy to guide failure handling.
>

There is already a better commonly accepted way for a domain owner to announce that a domain sends no mail, and this method is computationally less expensive for the receiving side. The method is to publish an SPF record that looks like this:

"v=spf1 -all"

Because SPF is checked during EHLO/MAIL FROM, the transaction can be terminated earlier than one relying on DMARC, which requires that the entire message be consumed by the receiving server so that the RFC5322.From header can be parsed for the domain and DMARC checking can proceed.

--
Todd Herr | Technical Director, Standards and Ecosystem
e: [email protected]
m: 703.220.4153

_______________________________________________
dmarc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dmarc
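
Added example, not part of the original message: a small Python check that, given a domain's published TXT records, reports the earliest SMTP stage at which a receiver could act on a "sends no mail" signal, contrasting the "v=spf1 -all" record with a DMARC p=reject policy as discussed in the reply above. The domain names, the SAMPLE_TXT table and the function names are constructed for illustration, and the check assumes the same domain appears in both MAIL FROM and the RFC5322.From header.

```python
# Constructed TXT records for hypothetical domains; not real DNS data.
SAMPLE_TXT = {
    "parked.example": ["v=spf1 -all"],
    "_dmarc.parked.example": ["v=DMARC1; p=reject"],
    "nospf.example": [],
    "_dmarc.nospf.example": ["v=DMARC1; p=reject; rua=mailto:reports@nospf.example"],
    "sender.example": ["v=spf1 ip4:192.0.2.0/24 -all"],
    "_dmarc.sender.example": [],
}


def spf_is_null(txts):
    """True only when the single SPF record is exactly 'v=spf1 -all'."""
    spf = [t for t in txts if t.lower().split()[:1] == ["v=spf1"]]
    if len(spf) != 1:  # no record, or several (a permanent error in SPF)
        return False
    return spf[0].lower().split()[1:] == ["-all"]


def dmarc_policy(txts):
    """Return the p= value of the single DMARC record, or None."""
    recs = [t for t in txts if t.split(";")[0].strip() == "v=DMARC1"]
    if len(recs) != 1:
        return None
    tags = {}
    for part in recs[0].split(";"):
        key, _, value = part.partition("=")
        if key.strip():
            tags[key.strip().lower()] = value.strip().lower()
    return tags.get("p")


def earliest_reject_stage(domain, txt=SAMPLE_TXT):
    """Earliest SMTP stage at which the published records support rejection.

    Assumes `domain` is used both as the MAIL FROM domain and in the
    RFC5322.From header of the message being evaluated.
    """
    if spf_is_null(txt.get(domain, [])):
        return "MAIL FROM"   # SPF fails before any message data is sent
    if dmarc_policy(txt.get("_dmarc." + domain, [])) == "reject":
        return "after DATA"  # the From header must be received and parsed
    return None              # records alone do not say "sends no mail"
```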
