> On 1 Mar 2023, at 16:21, John R Levine via mailop <mailop@mailop.org> wrote: > >> Still, i am a bit wondering; Looking at the data flushed in so far (and >> already multiple bugs filed against implementations)... there are a lot >> of funny milters and often unmaintained software integrated in funny >> docker stacks (probably preaching to the choir there, but i have a lot >> of grievances with those setups), and generally a lot of awry things >> (example.com. IN TXT "v=spf1 include:example.com -all" is, for example, >> far more common than i'd have ever believed...). > > In the DMARC working group we've had endless arguments about what changes > will or won't break existing DMARC setups, informed by a lot of opinions and > very little data. Actual data would be greatly appreciated. > > It's not surprising that there are a lot of broken DMARC and SPF records. The > question is whether anyone cares. My impression is that in many cases there > was a checklist item "DMARC" so someone did the absolute mimimum. A p=none > policy, a sloppy SPF record, and no DKIM is a strong hint.
Likewise, there are countless folks out there recommending implement DMARC for every deliverability problem (with absolutely zero recommendations as to what that means). There are also soom EXTREMELY broken SaaS providers who have instructions for that say: publish this DKIM key in your DNS, publish this DMARC record and publish this SPF record - while the SaaS provider uses none of the customer domains anywhere in the mail. Additionally, there are scammers out there hunting for bug bounties using “your domain is at risk due to a lack of DMARC record, how much will you pay me for letting you know?” laura -- The Delivery Experts Laura Atkins Word to the Wise la...@wordtothewise.com Email Delivery Blog: http://wordtothewise.com/blog
_______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
