On Sat 16/Jul/2022 16:20:09 +0200 Douglas Foster wrote:
My proposal:
Sibling authentication should be disabled by default, even for
policies that specify relaxed authentication. Those organizations
that want sibling authentication should explicitly request it using a
tag (to be defined) on the Organizational Domain policy. If the tag
is not present, relaxed authentication enables only exact,
parent-child, and child-parent relationships.
I'd be in favor of introducing a third mode, adkim=n, say, for
not-so-relaxed.
Since it'd be a new feature, it cannot be the default. Those who
don't recognize it should ignore it and assume adkim=r.
Best
Ale
--
_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc
