Yes sir, I’m convinced. Some of my more conservative customers who take security deadly serious won’t even bounce a DMARC failure with a helpful message. It’s discard. I respect the person I’m thinking of who hates bouncing. He’s appropriately paranoid for a InfoSec manager.
> On Jul 23, 2023, at 1:13 PM, Barry Leiba <barryle...@computer.org> wrote: > > >> >> Without bounces the sender is in the dark. > > Yes, if the sender is a human. > > Not so, if the sender is a mailing list and that sender will then > unsubscribe the intended recipient. > Also not so, if the sender is a malfeasant who may use the bounce > message for bad purposes. > > It's very clear to me that if I think a bounce message will be > harmful, I will not send one. I will happily prefer silent discard > over a bounce when I think that's a better approach for that > situation. Bouncing a legitimate mailing list message is just bad. > If you have reason to believe you're going to do that... don't. > Either deliver the message or silently discard it. But don't bounce > it. > > Barry _______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
