On Sat, Aug 5, 2023, at 11:49 AM, Dave Crocker wrote:
> On 8/5/2023 9:30 AM, Jesse Thompson wrote:
> > Governance seems like the best word to me, since Governance is what
> > Reporting has provided to ADs in Monitoring Mode, but I do not want to
> > say DMARG out loud either :-)
>
> Here, too, the domain owner does not govern the platform receiver.
I don't disagree with you. My point was that the reports, provided by the
receivers, give to the security&compliance team the provisions they need to
convince/coerce employees to adhere to their intended governance model,
regardless of whether the receivers honor the governance model. i.e. Monitoring
Mode is not an exercise done in a vacuum. The reason to monitor is to achieve
local compliance; to govern your mail streams.
p=quarantine pct=0 (now in DMARCbis: t=y) is useful to determine the extent to
which people are participating in mailing lists and to identify lists that are
not compensating for the interoperability issues. Without t=y, the people in
charge of governance may just assume [incorrectly] that one or the other
situation is rare. Sadly, I think the t=y benefit will be overlooked, because
S&C people don't really care if the organization's employees can't easily
participate in mailing lists. They may hope/assume that receivers will honor
the policy, so "testing" implies "governance objective not yet complete".
Jesse
_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc