On 3/31/2024 11:32 AM, Alessandro Vesely wrote:
On Sun 31/Mar/2024 14:22:04 +0200 Douglas Foster wrote:
On SPF, our document should say simply,
" a DMARC-compliant evaluator MUST NOT reject a message, based on SPF
result, prior to receiving the Data section and checking for aligned
and verifiable signatures."
Rejecting at RCPT TO is much quicker than waiting for the whole message.
On this, I agree.
People who publish -all know what they do.
I posit that there is a non-insignificant amount of domain owners that
don't know what the consequences of -all are other than that they've
been instructed to use "-all" by a guide online, (questionably) by an
ESP, or by auditors or check boxes for several notorious vendor health
checks that still recommend to use it as a best practice, or even as the
defaults that came with their domain from <registrar>, and don't know
any better.
I don't think it's fair to characterize SPF -all's entire usage based on
the assumption everyone knows what it does, when reality demonstrates
otherwise.
- Mark Alley
_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc
