On Tuesday, May 7, 2024 9:09:02 PM EDT Mark Alley wrote:
> On 5/7/2024 7:00 PM, Dotzero wrote:
> > https://www.ic3.gov/Media/News/2024/240502.pdf
> >
> > This was released this past week by the FBI. Although we are in last
> > call, I have to wonder if a) the attack itself, and/or b) the
> > government recommendations regarding policy might impact DMARCbis in
> > any manner. I've only just started thinking about the attack itself
> > and potential implications.
> >
> > Michael Hammer
>
> While the subject is interesting, in my eyes, Business Email Compromise
> (BEC), and a non-preferential DMARC policy disposition published by the
> spoofed domain owner aren't an issue with the DMARC mechanism itself.
> The receiving mail system did exactly what the domain owner requested
> with p=none, no disposition was taken on email(s) failing DMARC.
>
> From an alternate point of view, one might consider how this policy
> could be more broadly "exploitable" as a side effect now that the
> internet email ecosystem is inundated with p=none DMARC records by
> domain owners just doing the bare minimum to meet ESP sender
> requirements, but that's still not a problem with DMARC itself.
>
> Addressing this issue - perusing Section 5.5.6, is there anything else
> we could add that would be acceptable language in a Standards track
> document to encourage urgency behind a transitory state of p=none use by
> domain owners? Would that even make sense to do? (Legitimate question
> for the WG)

I don't think the claim that p=none is "transitory" is at all generally correct. It will be in some cases and not others.

Scott K