Re: [dmarc-ietf] Some Gmail comments on DMARCbis version 28

2023-09-10 Thread Dotzero
On Sun, Sep 10, 2023 at 8:46 PM Jim Fenton wrote: > On 7 Sep 2023, at 9:28, Wei Chuang wrote: > > Many enterprises already have "p=reject" policies. Presumably those > domains were subject to some sort of spoofing which is why they went to > such a strict policy. > > This is not necessarily the c

Re: [dmarc-ietf] Some Gmail comments on DMARCbis version 28

2023-09-10 Thread Douglas Foster
How I define a "Source": To the domain owner, it is all of the environments that need to be touched, as part of a DMARC implementation project, to ensure that they produce DKIM PASS with SPF PASS or DKIM PASS with SPF NONE. It includes corporate employee email, ESPs, CRMs, Web Sites, Shadow IT, e

Re: [dmarc-ietf] Some Gmail comments on DMARCbis version 28

2023-09-10 Thread Jim Fenton
On 7 Sep 2023, at 9:28, Wei Chuang wrote: Many enterprises already have "p=reject" policies. Presumably those domains were subject to some sort of spoofing which is why they went to such a strict policy. This is not necessarily the case. For example, DHS has [directed](https://www.cisa.go

Re: [dmarc-ietf] Some Gmail comments on DMARCbis version 28

2023-09-10 Thread Murray S. Kucherawy
One thing I forgot to mention: On Thu, Sep 7, 2023 at 9:29 AM Wei Chuang wrote: > Our suggestion is that there is not a lot of value in including this > language in the bis document if the likely outcome is that it will be > ignored, and rather more effort should be placed with a technical solut

Re: [dmarc-ietf] Some Gmail comments on DMARCbis version 28

2023-09-10 Thread Scott Kitterman
On Thursday, September 7, 2023 12:28:59 PM EDT Wei Chuang wrote: > We had an opportunity to further review the DMARCbis changes more broadly > within Gmail. While we don't see any blockers in the language in DMARCbis > version 28 >

Re: [dmarc-ietf] pct flag, Some Gmail comments on DMARCbis version 28

2023-09-10 Thread Richard Clayton
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 In message <20230910031142.48ebb5b5...@ary.qy>, John Levine writes >It's a lot better to set the TTL on your record to a few seconds, then >change it to p=reject, and see what you get back. If you're seeing a >flood of unexpexted rejections, quick fl