Re: [dmarc-discuss] Thoughts for new value 'p=nomail'
On Mon, 31 Aug 2020, Brandon Long wrote:
Hmm, DMARC is for the header from domain, however, I wonder if folks
usually only do the spf lookup on the mail from argument, which may not
be aligned and therefore doesn't hit that.
And then how would this also play with say the Sender: header override
draft, would you expect to listen to the SPF for the header from domain
saying "no mail" or allow override?
We can get awfully meta here. Imagine an executive who has her assistant
send all her mail, so the address in the From: line never sends any mail,
although you can send mail to her. So SPF -all would be right even though
the address is OK.
Agreed with the general case of "I really mean it" though.
But this gets into "who cares what you think" territory (generic you, not
Brandon you.)
I think the least wrong thing to validate the From header is to check for
a null MX. I realize that a lot of bulk mail is sent with From addresses
that don't work ("please do not reply to this message, because we do not
care what you want"), but I expect they're unlikely to publish null MX.
Regards,
John Levine, jo...@taugh.com, Taughannock Networks, Trumansburg NY
Please consider the environment before reading this e-mail. https://jl.ly
___
dmarc-discuss mailing list
dmarc-discuss@dmarc.org
http://www.dmarc.org/mailman/listinfo/dmarc-discuss
NOTE: Participating in this list means you agree to the DMARC Note Well terms
(http://www.dmarc.org/note_well.html)
Re: [dmarc-discuss] Thoughts for new value 'p=nomail'
On Mon, Aug 31, 2020 at 11:23 AM John Levine via dmarc-discuss < dmarc-discuss@dmarc.org> wrote: > In article aoy9o3mw4-uoyo9dh_c3ulpmwnb...@mail.gmail.com> you write: > >-=-=-=-=-=- > >-=-=-=-=-=- > > > >With some of my recent DMARC reports for my domains I've seen comments > >about over riding the p=reject and deciding the mail should be quarantined > >vs rejected because the recipient mailbox provider thought it was > >forwarded. > > > >Would it be useful to add an additional DMARC be expanded to have a > >'p=nomail' value so when a domain that is already publishing "v=spf1 -all" > >and has a 'p=reject' value that it really should be rejected regardless of > >what the recipient domain thinks about a mail being forwarded or not? > > We already have SPF "v=spf1 -all" to say that a domain sends no mail, > and MX 0 . to say that it receives no mail. In general it's not a > great idea to invent multiple ways to say the same thing, or to look > at it another way, if recipients aren't taking the hint from SPF, why > do we think they'd pay attention to a similar hint from DMARC? > Hmm, DMARC is for the header from domain, however, I wonder if folks usually only do the spf lookup on the mail from argument, which may not be aligned and therefore doesn't hit that. Not that an inbound filter couldn't also do an spf lookup on the header from domain... or an mx lookup on the reply to domain for that matter. And then how would this also play with say the Sender: header override draft, would you expect to listen to the SPF for the header from domain saying "no mail" or allow override? Agreed with the general case of "I really mean it" though. Brandon ___ dmarc-discuss mailing list dmarc-discuss@dmarc.org http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)
Re: [dmarc-discuss] Thoughts for new value 'p=nomail'
In article you write: >-=-=-=-=-=- >-=-=-=-=-=- > >With some of my recent DMARC reports for my domains I've seen comments >about over riding the p=reject and deciding the mail should be quarantined >vs rejected because the recipient mailbox provider thought it was >forwarded. > >Would it be useful to add an additional DMARC be expanded to have a >'p=nomail' value so when a domain that is already publishing "v=spf1 -all" >and has a 'p=reject' value that it really should be rejected regardless of >what the recipient domain thinks about a mail being forwarded or not? We already have SPF "v=spf1 -all" to say that a domain sends no mail, and MX 0 . to say that it receives no mail. In general it's not a great idea to invent multiple ways to say the same thing, or to look at it another way, if recipients aren't taking the hint from SPF, why do we think they'd pay attention to a similar hint from DMARC? R's, John ___ dmarc-discuss mailing list dmarc-discuss@dmarc.org http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)
Re: [dmarc-discuss] Thoughts for new value 'p=nomail'
On Mon, Aug 31, 2020 at 12:45 PM Matt Vernhout via dmarc-discuss < dmarc-discuss@dmarc.org> wrote: > With some of my recent DMARC reports for my domains I've seen comments > about over riding the p=reject and deciding the mail should be quarantined > vs rejected because the recipient mailbox provider thought it was > forwarded. > > Would it be useful to add an additional DMARC be expanded to have a > 'p=nomail' value so when a domain that is already publishing "v=spf1 -all" > and has a 'p=reject' value that it really should be rejected regardless of > what the recipient domain thinks about a mail being forwarded or not? > > I see that this could also be valuable for parked domains, expired domains > and defensive domain registrations to provide additional levels of clarity > where a recipient network is trying to make the effort to deliver email but > due to their internal decision making are delivering mail that they > shouldn't be. > > ~ > *MATT* > I think it's worth discussing but at the end of the day, a policy statement in a DMARC record is a request to the validator/receiving domain, not a mandate. Local policy can always override such a request. If a domain doesn't send mail then there is no DKIM and the domain should publish a naked -all for SPF. The other cases you raise fall into John's "I really really mean it" category of additional extensions. Michael Hammer ___ dmarc-discuss mailing list dmarc-discuss@dmarc.org http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)
[dmarc-discuss] Thoughts for new value 'p=nomail'
With some of my recent DMARC reports for my domains I've seen comments about over riding the p=reject and deciding the mail should be quarantined vs rejected because the recipient mailbox provider thought it was forwarded. Would it be useful to add an additional DMARC be expanded to have a 'p=nomail' value so when a domain that is already publishing "v=spf1 -all" and has a 'p=reject' value that it really should be rejected regardless of what the recipient domain thinks about a mail being forwarded or not? I see that this could also be valuable for parked domains, expired domains and defensive domain registrations to provide additional levels of clarity where a recipient network is trying to make the effort to deliver email but due to their internal decision making are delivering mail that they shouldn't be. ~ *MATT* ___ dmarc-discuss mailing list dmarc-discuss@dmarc.org http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)
