On April 28, 2023 2:25:57 AM UTC, Jesse Thompson <z...@fastmail.com> wrote:
>On Thu, Apr 27, 2023, at 9:30 AM, Brotman, Alex wrote:
>> Attempt to make it a tad more concise (I think), altering some of the 
>> language:
>> 
>> ---------------------
>> There can be inherent damage to the ability to use certain SMTP-based 
>> systems in conjunction with a policy of quarantine or reject.  These could 
>> include, though are not limited to, mailing lists, forwarding services, and 
>> other types of indirect mail flows.  Especially in situations where the 
>> sending domain is SPF-only, or the intermediary is known to alter messages.  
>> If the users of the domain may utilize these types of systems, the domain 
>> administrator MUST NOT deploy a policy of quarantine or reject without 
>> serious considerations to the impact to interoperability.  These 
>> considerations will be informed by careful analysis of DMARC aggregate 
>> reports prior to deploying such a policy.  Some third-party systems may be 
>> willing to create a workaround for these situations, though it cannot be 
>> guaranteed.  Domain owners MAY choose to create a sub-domain 
>> (listmail.example.org) or cousin domain (listmail-example.org) which uses a 
>> different policy for users wishing to utilize those services.
>> ---------------------
>
>I like this, and it gives room for best common practices to evolve that don't 
>necessarily conflict.
>
>s/
>    Especially in situations where the sending domain is SPF-only, or the 
> intermediary is known to alter messages.  If the users of the domain may 
> utilize these types of systems, the domain administrator MUST NOT deploy
>/
>    For situations where the sending domain is not DKIM signing all of its 
> traffic in an aligned fashion or there is legitimate use of an intermediary 
> known to alter messages, the domain administrator MUST NOT deploy
>/x

I think most of this would be good in a non-normative appendix.  For my 
immediate purpose, I'm imagining that in addition to the [adjective] domain, 
there would need to be an amplification of [adjective] that would explain 
exactly what we mean by [adjective] and what actions a domain owner might take 
in order to be [not adjective].

I don't think it's formally part of the protocol, but it's quite important.

Scott K

_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc
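
The proposed text above asks for analysis of DMARC aggregate reports before moving to quarantine or reject, and singles out SPF-only senders. The following sketch is an added example, not part of the thread or of any draft; it assumes reports in the RFC 7489 Appendix C layout without an XML namespace, and the sample report and bucket names are constructed for illustration.

```python
import xml.etree.ElementTree as ET
from collections import Counter

# Constructed sample in the RFC 7489 Appendix C layout (no XML namespace);
# addresses are documentation ranges, counts are made up.
SAMPLE_REPORT = """<feedback>
 <policy_published><domain>example.org</domain><p>none</p></policy_published>
 <record><row><source_ip>192.0.2.10</source_ip><count>120</count>
  <policy_evaluated><dkim>pass</dkim><spf>pass</spf></policy_evaluated></row></record>
 <record><row><source_ip>192.0.2.20</source_ip><count>40</count>
  <policy_evaluated><dkim>fail</dkim><spf>pass</spf></policy_evaluated></row></record>
 <record><row><source_ip>198.51.100.7</source_ip><count>15</count>
  <policy_evaluated><dkim>fail</dkim><spf>fail</spf></policy_evaluated></row></record>
 <record><row><source_ip>198.51.100.8</source_ip><count>5</count>
  <policy_evaluated><dkim>pass</dkim><spf>fail</spf></policy_evaluated></row></record>
</feedback>"""


def classify(dkim, spf):
    """Bucket a row by its aligned results as reported in policy_evaluated."""
    if dkim == "pass":
        return "dkim_aligned"   # survives relaying as long as signed content is unchanged
    if spf == "pass":
        return "spf_only"       # passes on direct delivery, typically fails via a forwarder
    return "fails_dmarc"        # would be quarantined or rejected once p is not none


def summarize(report_xml):
    """Return (message totals per bucket, per-source counts for non-DKIM mail)."""
    totals, at_risk = Counter(), Counter()
    for row in ET.fromstring(report_xml).iter("row"):
        count = int(row.findtext("count", "0"))
        bucket = classify(row.findtext("policy_evaluated/dkim", "fail"),
                          row.findtext("policy_evaluated/spf", "fail"))
        totals[bucket] += count
        if bucket != "dkim_aligned":
            at_risk[(bucket, row.findtext("source_ip"))] += count
    return totals, at_risk


if __name__ == "__main__":
    totals, at_risk = summarize(SAMPLE_REPORT)
    print(dict(totals))
    for (bucket, ip), n in at_risk.most_common():
        print(f"{bucket:12} {ip:15} {n}")
```

Sources in the spf_only and fails_dmarc buckets are the flows to investigate before tightening the policy.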
