> On Apr 10, 2023, at 9:13 PM, Neil Anuskiewicz <n...@marmot-tech.com> wrote: > > I’m a bit concerned that the document will discourage domain owners from > working toward an enforcing policy. I’ve seen at least one person say that > most domains don’t need to go to p=reject. I’ve seen all sorts of domains > attacked? Granted, high profile domains or perceived lucrative targets will > receive the most attention but threat actors absolutely do attack all sorts > of organizations all the time. > > Maybe I’ve misunderstood but I hope that no language that could be construed > as discouraging domain owners from moving toward an enforcing policy would be > added to the document.
I meant to say that I’ve seen all sorts of domains attacked. The goal should be to get to an enforcing policy. It makes sense for very small businesses to be very reluctant to enforce unless they have the access to the expertise. But any domain owner that can should protect their domains. Neil _______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
