We had an opportunity to further review the DMARCbis changes more broadly within Gmail. While we don't see any blockers in the language in DMARCbis version 28 <https://datatracker.ietf.org/doc/html/draft-ietf-dmarc-dmarcbis-28> and can live with what is there, we wanted to briefly raise some concerns around some of the changes. Two points.

Regarding the language in section 8.6 "It is therefore critical that domains that host users who might post messages to mailing lists SHOULD NOT publish p=reject. Domains that choose to publish p=reject SHOULD implement policies that their users not post to Internet mailing lists", we wanted to point out that this is impossible to implement. Many enterprises already have "p=reject" policies. Presumably those domains were subject to some sort of spoofing, which is why they went to such a strict policy. It would be unreasonable to tell them to stop posting to mailing lists, as many likely already use mailing list services and will want to continue to use them. The one thing that makes this tractable is the SHOULD language, as we may choose not to follow this aspect of the specification. Our suggestion is that there is not a lot of value in including this language in the bis document if the likely outcome is that it will be ignored, and rather more effort should be placed with a technical solution for interop with mailing lists.

We question the benefit versus the implementation effort and confusion of deprecating the DMARC policy "pct" percentage mode and replacing it with "t" test. We do agree that there is benefit in having receivers support a debug mode to enable DMARC deployment and that the test mode supports the most useful use case for testing with indirect mailflow behavior. However, "pct" represents a sunk cost, and implementing test mode seems redundant to the already existing "pct" percentage mode. Moreover, both modes will likely need to be supported for a while. We do see senders use "pct" ratcheting, and it will be confusing to them when at some point they will have to switch.

-Wei

_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc