* pgndev: > https://dmarc.org/2017/03/can-i-use-dmarc-if-i-have-only-deployed-spf/ > > "... > you can use DMARC with only SPF – and absolutely should, at least as far as > enabling reporting – > ..."
Tut, tut... Partial quotes, out of context. How desperate some of you have become. The relevant paragraph reads as follows: [People] knew the recommendation is to use both DKIM and SPF, and were concerned that their organizations couldn’t benefit from DMARC without DKIM. The short answer is that you can use DMARC with only SPF – and absolutely should, at least as far as enabling reporting – but there are some very important questions you have to answer before moving past that to a DMARC policy that would block unauthenticated messages. Anybody who uses blocking DMARC policies without DKIM for domains used on mailing lists: Please stop moaning and do your homework. You're just wasting time. -Ralph
