It appears that Scott Kitterman <skl...@kitterman.com> said: > >What's the incentive that any existing DMARC users (senders or receivers) >would have to invest additional resources in another email >authentication protocol?
We have two of the largest mail operators in the world saying that if they can't tell which org domain scheme domain expects, they won't implement the tree walk. We have to do something or we are wasting our time. So how about this: in the tree walk, you look for DMARC records that have an explicit psd=y/n/u tag. If you find at least one record with a tag, you use the new scheme. If you find no records with a tag, you fall back to the old scheme. I think this will let people do everything they can do with the current tree walk, while being backward compatible. If you want a domain to be an org domain you put psd=n, if you want the tree walk to skip it and keep looking, you put psd=u, and if it's one of the 0.001% of domains that actually is a PSD, you put psd=y. We already added DiscoveryType to the aggregate report schema so we are OK there. R's, John PS: Whether we say people SHOULD NOT use SPF is a separate issue. _______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc