On April 28, 2023 2:25:57 AM UTC, Jesse Thompson <z...@fastmail.com> wrote:
>On Thu, Apr 27, 2023, at 9:30 AM, Brotman, Alex wrote:
>> Attempt to make it a tad more concise (I think), altering some of the
>> language:
>>
>> ---------------------
>> There can be inherent damage to the ability to use certain SMTP-based
>> systems in conjunction with a policy of quarantine or reject. These could
>> include, though are not limited to, mailing lists, forwarding services, and
>> other types of indirect mail flows. Especially in situations where the
>> sending domain is SPF-only, or the intermediary is known to alter messages.
>> If the users of the domain may utilize these types of systems, the domain
>> administrator MUST NOT deploy a policy of quarantine or reject without
>> serious considerations to the impact to interoperability. These
>> considerations will be informed by careful analysis of DMARC aggregate
>> reports prior to deploying such a policy. Some third-party systems may be
>> willing to create a workaround for these situations, though it cannot be
>> guaranteed. Domain owners MAY choose to create a sub-domain
>> (listmail.example.org) or cousin domain (listmail-example.org) which uses a
>> different policy for users wishing to utilize those services.
>> ---------------------
>
>I like this, and it gives room for best common practices to evolve that don't
>necessarily conflict.
>
>s/
> Especially in situations where the sending domain is SPF-only, or the
> intermediary is known to alter messages. If the users of the domain may
> utilize these types of systems, the domain administrator MUST NOT deploy
>/
> For situations where the sending domain is not DKIM signing all of its
> traffic in an aligned fashion or there is legitimate use of an intermediary
> known to alter messages, the domain administrator MUST NOT deploy
>/x

I think most of this would be good in a non-normative appendix. For my
immediate purpose, I'm imagining that in addition to the [adjective] domain,
there would need to be an amplification of [adjective] that would explain
exactly what we mean by [adjective] and what actions a domain owner might take
in order to be [not adjective].

I don't think it's formally part of the protocol, but it's quite important.

Scott K
_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc
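
An added example, not part of the thread or of any participant's text: one way to run the aggregate-report analysis the proposed wording calls for, separating traffic that passes DMARC only through aligned SPF from traffic carrying an aligned DKIM signature. The sample report is constructed, the function names are hypothetical, and the code assumes an RFC 7489 style report without an XML namespace.

```python
import xml.etree.ElementTree as ET
from collections import Counter

# Constructed sample (trimmed RFC 7489 aggregate report); every value is made up.
SAMPLE_REPORT = """<feedback>
  <policy_published><domain>example.org</domain><p>none</p></policy_published>
  <record><row><source_ip>192.0.2.10</source_ip><count>120</count>
    <policy_evaluated><dkim>pass</dkim><spf>pass</spf></policy_evaluated></row></record>
  <record><row><source_ip>192.0.2.25</source_ip><count>40</count>
    <policy_evaluated><dkim>fail</dkim><spf>pass</spf></policy_evaluated></row></record>
  <record><row><source_ip>198.51.100.7</source_ip><count>15</count>
    <policy_evaluated><dkim>pass</dkim><spf>fail</spf></policy_evaluated></row></record>
  <record><row><source_ip>203.0.113.99</source_ip><count>5</count>
    <policy_evaluated><dkim>fail</dkim><spf>fail</spf></policy_evaluated></row></record>
</feedback>"""

def classify(dkim, spf):
    """Bucket a row by its aligned results from <policy_evaluated>."""
    if dkim == "pass" and spf == "pass":
        return "both_aligned"
    if dkim == "pass":
        return "dkim_only"   # e.g. relayed mail whose signature survived
    if spf == "pass":
        return "spf_only"    # loses its only pass once an intermediary relays it
    return "fail"            # needs review: altered indirect flow or unauthorized source

def summarize(report_xml):
    """Return (message totals per bucket, SPF-only message counts per source IP)."""
    # The stdlib parser is fine for the embedded sample; for reports received
    # from outside, a hardened parser such as defusedxml is the usual choice.
    root = ET.fromstring(report_xml)
    totals, spf_only_sources = Counter(), Counter()
    for row in root.iter("row"):
        count = int(row.findtext("count", default="0"))
        dkim = (row.findtext("policy_evaluated/dkim") or "").strip().lower()
        spf = (row.findtext("policy_evaluated/spf") or "").strip().lower()
        bucket = classify(dkim, spf)
        totals[bucket] += count
        if bucket == "spf_only":
            spf_only_sources[row.findtext("source_ip")] += count
    return totals, spf_only_sources

def spf_only_share(totals):
    """Fraction of DMARC-passing mail that has no aligned DKIM signature."""
    passing = totals["both_aligned"] + totals["dkim_only"] + totals["spf_only"]
    return totals["spf_only"] / passing if passing else 0.0

if __name__ == "__main__":
    totals, sources = summarize(SAMPLE_REPORT)
    print(dict(totals), dict(sources), round(spf_only_share(totals), 3))
```

A non-zero SPF-only share identifies the sources that still need aligned DKIM signing before a quarantine or reject policy is considered.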