On Tue, Mar 5, 2024 at 10:33 PM Barry Leiba wrote:
> Maybe better?:
>
> NEW
> If they can block outgoing or reply DNS messages, they can prevent
> systems from discovering senders' DMARC policies. Recipients will
> then use their local policies for handling mail in the absence of
> DMARC and
Maybe better?:
NEW
If they can block outgoing or reply DNS messages, they can prevent
systems from discovering senders' DMARC policies. Recipients will
then use their local policies for handling mail in the absence of
DMARC and will not be able to take the senders' policies into account.
END
On Thu, Feb 29, 2024 at 10:12 PM John Levine wrote:
> It appears that Todd Herr said:
> >p=none by default." This seems inconsistent with the text in 5.7.2
> >("Continue if one is found, or terminate DMARC evaluation otherwise") and
> >4.7 ("Handling of DNS errors when querying for the DMARC
It appears that Todd Herr said:
>p=none by default." This seems inconsistent with the text in 5.7.2
>("Continue if one is found, or terminate DMARC evaluation otherwise") and
>4.7 ("Handling of DNS errors when querying for the DMARC policy record is
>left to the discretion of the Mail Receiver")
Colleagues,
The second bullet of section 11.3 DNS Security reads:
"If they can block outgoing or reply DNS messages, they can prevent systems
from discovering senders' DMARC policies, causing recipients to assume
p=none by default." This seems inconsistent with the text in 5.7.2
("Continue if one