> On Aug 9, 2022, at 3:17 AM, Ken O'Driscoll > <ken=40wemonitoremail....@dmarc.ietf.org> wrote: > > >> >> >> Any hint about why it's not used? >> > > PII. Report generators are reluctant to send reports that may contain PII for > compliance, security, and privacy reasons
Most receivers don’t provide failure reports but sometimes failure reports (when available) can be useful. I realize there are privacy and regulatory concerns. Would it be possible to reduce the scope of the failure report in general to address the privacy concerns so that they’re more widely implemented? The trade offs might be worth it to have a stripped down failure report if there was a way to do it so the failure report would be useful but not intrusive? _______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc