On Wed 01/Jun/2022 16:19:10 +0200 Todd Herr wrote:
On Wed, Jun 1, 2022 at 6:27 AM Alessandro Vesely <ves...@tana.it> wrote:
The point of domain level authentication, stressed by DMARC by requiring
alignment, is that hosting domains provide mail servers for both incoming
and outgoing messages. The old habit of sending out mail through ISPs had
to be abandoned. If Fastmail was contracted by Verisign to send mail for
*.name users, they could virtualize their service as well. >
DMARC makes no such request of anyone deploying DMARC to support use of
their domain.
Eh? Of course, you consider that /use of domain/ doesn't include publishing
DNS records. (I thought a domain consisted of nothing else...)
I spent years working for SparkPost, and while we sent billions of messages
on behalf of our customers, we most assuredly did not require that we
accept any inbound mail for them, and a number of them deployed DMARC just
fine.
The act of DKIM-signing messages using a domain aligned with the domain in
the visible From: header requires no hosting of inbound mail for that
domain, but will result in a DMARC pass if the DKIM signature validates.
Even in the cases where the Return-Path domain aligned with the From:
domain, it was a subdomain of the From: domain (e.g., bounces.foo.com for
Return-Path, foo.com for From) so that asynchronous bounces could be
captured and suppressed. We never accepted mail for per...@foo.com, or
roleacco...@foo.com.
Thank you for pinpointing the exact DMARC requirements. My assertion that
hosting domains must provide servers also for outgoing mail wasn't mean to
imply that they have to do that in-house. I know ESPs exist.
What I wanted to stress is that users of a domain name, people who somewhat
identify themselves with that domain without having admin power on it, need
that domain to support incoming and outgoing mail setting. Of course, the
admin can outsource any part of that job. Letting users set up outsourcing
provisions on their own should not be admissible.
Best
Ale
--
_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc
