On Thu, Feb 27, 2014 at 10:14 AM, Matt Simerson <[email protected]> wrote:
> > Is it true that if you reject incoming email which fails DMARC > validation and whose sender's policy is REJECT, then you are in for a world > of hurt? Yes, it is true. > > [...] > > Applying p=reject on behalf of senders that ask for it barely ever hurts. > If ever. > To be fair, there are cases (such as the MLM case, which you mentioned) where it can cause some damage. Fortunately, those cases are well understood and workarounds for them (outside the protocol, alas) exist. > > I have the ability to easily apply locally crafted algorithms to determine > the probability of ham/spam for any given connection and/or message. I > disable SMTP rejections for mail plugins that frequently false positive > (DNSBL, SPF, DKIM, GeoIP, FCrDNS, header validity) and instead apply > heuristics scoring to plugin results. DMARC remains one of the few plugins > that I allow to reject connections on its own. > > This is an important point. Popular free filtering programs like Spamassassin can be easily altered to take DMARC results into account as input to the overall filtering decision. It's equally easy to add exemptions for certain sources. The notion that applying DMARC in non-absolute ways is out of the reach of the masses seems plainly false to me. -MSK
_______________________________________________ dmarc-discuss mailing list [email protected] http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)
