On Aug 5, 2023, at 12:57 PM, Benny Pedersen <m...@junc.eu> wrote: > > Dave Crocker skrev den 2023-08-05 18:49: > >>> Governance seems like the best word to me, since Governance is what >>> Reporting has provided to ADs in Monitoring Mode, but I do not want to say >>> DMARG out loud either :-) >> Here, too, the domain owner does not govern the platform receiver. > > good news for paypal phishers, sadly > > the recipient should newer recieve mail that is with credit card info by > dmarc is unaligned to the dmarc policy, when policy is basicly ignored we > have the underlaying problem dmarc should solve, but as is does not >
As a receiver, I don’t wish to be inundated with spam or spoofs. I will honor incoming mail domain policies with deterministic rules. As a sender, I want other receivers to also honor and protect my domains as well. It’s a win-win. SPF -ALL has proved to help with an average of ~5% rejects since its introduction. The growth was slow and it has come with its irritating small amount of well-known forwarding problems. With DMARC, we just have not enabled p=reject failures yet. We need more persistent deterministic DMARC “rules” before flipping this switch. SPF and DKIM Policy models since SSP has been about informing receivers about Domain Mail Operational expectations. This has been good. Receiver Local Policy always prevails but a “hint” can help decide things especially when it comes to failures. — HLS _______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
