On Sun, Sep 17, 2023 at 11:04 AM Douglas Foster < dougfoster.emailstanda...@gmail.com> wrote:
> You misunderstsnd my position. I don't expect a world where perfect > information is dropped in my lap without any effort on my part. Not now, > not ever. > > I have determined, by measurement, that unauthenticated mail is a much > smaller percentage of all mail than one might expect. This makes > inspection of unauthenticated mail both feasible and productive. > > But DMARC hinders this discovery by pretending that mail can only be > authenticated if a policy is found. > There's no assertion by DMARC of the nature you're describing. Specifically, when no policy is found, there is no DMARC outcome to be considered; a receiver must rely on other metrics or heuristics to make its handling decisions. I don't see that as a hindrance; I see it as merely outside of the scope of what DMARC intends (or is able) to solve. > Investigation wil prevent unwanted blocks while exposing a lot of unwanted > traffic. Evaluators who are unwilling to make the effort to investigate > are taking unnecesary risks which are likely to hurt them, sooner or later. > This sounds like it might be sage advice, but it exceeds the scope of DMARC (or DKIM, or SPF, or ARC). -MSK, p11g
_______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc