> On Apr 7, 2024, at 7:00 AM, Neil Anuskiewicz <n...@marmot-tech.com> wrote: > > > >> On Apr 7, 2024, at 6:54 AM, Tero Kivinen <kivi...@iki.fi> wrote: >> >> Scott Kitterman writes: >>> I hear you. Your operational issue is my system working as designed. >>> DMARC works on top of SPF, it doesn't change it. >> >> Yes, DMARC works on top of SPF, and DKIM and provides policy layer. We >> are trying to change the fact that people rely purely on SPF, and try >> to get them moved to use DMARC istead, and we are trying to explain >> that if you do SPF inside the DMARC context, you get exactly same >> policy results you get as when you do SPF before, except you get it >> better, as you have more data available. Using -all would be >> completely ok if everybody would be doing DMARC, but as there are some >> systems which do SPF outside DMARC, and there having -all might >> shortcircuit DMARC out from the equation, we should provide guidance >> to those people how they can get best results in current environment. >> Thus the best current practice should be use to use ~all instead of >> -all if you are trying to use DMARC, and want other systems to >> actually act based on your DMARC policy.
The problem I see is that some receivers never got the memo and still enforce just on an SPF hard fail which only creates fear, uncertainty, doubt, and annoyance. _______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
