>Yes. But what if the DMARC default were to have that phish vector closed, >so that it only would be open for those who explicitly did open it (because >they had a specific problem that needed fixing)?
This strikes me as a great deal of mechanism to address a very unlikely problem. If people are seeing soft fails on your SPF or DKIM lookups, the most likely reason is that your DNS servers or intermediate caches are screwed up. And in that case, your DMARC lookups will fail, too, so it doesn't matter what they say. Speaking as a receiver, if your DMARC is important to you, fix your DNS, don't ask me to do backflips to sort of work around its failures. R's, John _______________________________________________ dmarc-discuss mailing list [email protected] http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)
