On Tue, Sep 19, 2023 at 8:20 AM Scott Kitterman <skl...@kitterman.com> wrote:
> > > On September 19, 2023 8:50:02 AM UTC, Alessandro Vesely <ves...@tana.it> > wrote: > >Hi all, > > > >the second sentence of the second paragraph of Section 5.8: > > > >OLD > > In particular, because of the considerations discussed > > in [RFC7960] and in Section 8.6 of this document, it is important > > that Mail Receivers not reject messages solely because of a published > > policy of "reject", but that they apply other knowledge and analysis > > to avoid situations such as rejection of legitimate messages sent in > > ways that DMARC cannot describe, harm to the operation of mailing > > lists, and similar. > > > >I have the feeling that most readers understand that allusion to /other > knowledge and analysis/ to mean content filtering. Thence the lemma that > if we can relay on content filtering then we don't need strong > authentication. Instead, referenced Section 8.6 presents forwarding as > /the/ scenario where DMARC fails. Accordingly, this section could be more > precise on the kind of semantically acceptable enforcement exceptions. Let > me try a wording: > > > >NEW > > In particular, because of the considerations discussed > > in [RFC7960] and in Section 8.6 of this document, it is important > > that Mail Receivers seek additional knowledge and mechanisms whereby > > published policies of "reject" and "quarantine" can be safely > overridden. > > Mailing lists, and forwarding in general present cases where messages > are > > legitimately sent beyond the author domain's reach, breaking SPF and > > possibly also DKIM. The combined effort of Mail Receivers and > Forwarders > > can lead to establishing a strong recognition of such mail flows, > warranting > > discharge from DMARC policy enforcement while still respecting the > > semantics of the author domain policy, thus avoiding the harm that > > otherwise DMARC causes to the operation of mailing lists. > > > > > >Is that cool? > > No. I think this section is currently, correctly, focused on what to do > with only references to why. I don't think we should change that. If the > current references are inadequate, then we should improve them, not attempt > to restate them. > > I don't think "other knowledge" is limited to content filtering and your > attempt to be more precise is problematic because it doesn't actually > achieve the goal. > > "The combined effort of Mail Receivers and Forwarders ...", for example, > leaves out mailing lists, which is one of the things you said you were > trying to solve. > > Scott K > I agree with Scott. Michael Hammer
_______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
