On 03/06/2014 12:23 AM, J. Gomez wrote:
---- Original Message from: Roland Turner
You are attempting to characterise DMARC use by a receiver as an
all-or-nothing proposition and/or as something which receivers would
benefit from following blindly. This is simply not true. It's not
what DMARC was designed to do. It's not what any sensible receiver
would try to do.
You are viewing this from the same unworkable viewpoint which led to
the failures of SPF -all, DomainKeys o=- and ADSP dkim=discardable.
DMARC has succeeded in large part because it has left this unworkable
viewpoint behind. The sooner you let go of the errors of the past,
the sooner you'll be able to make good use of DMARC.
We probably inhabit different universes. In mine, SPF -all "just works" and, most
importantly, it allows the receiver to outsource onto the sender 100% of the blame arising from any
non-deliveries because of SPF -all failures; also, in my universe DMARC has not
"succeeded" -- not yet, at least.
What do you mean with "just works"?
From spf4408bis:
A "fail" result is an explicit statement that the client is not
authorized to use the domain in the given identity. Disposition of
SPF fail messages is a matter of local policy. See Appendix G.2 for
considerations on developing local policy.
and from Appendix G.2:
SPF fail results can alternately be used as one input into a larger
set of evaluations which might, based on a combination with other
evaluation techniques, result in the email being marked negatively in
some way (this might be via delivery to a special spam folder,
modifying subject lines, or other locally determined means).
Developing the details of such an approach have to be based on local
conditions and requirements.
From the original SPF spec (RFC4408):
A "Fail" result is an explicit statement that the client is not
authorized to use the domain in the given identity. The checking
software can choose to mark the mail based on this or to reject the
mail outright.
So, no, one cannot assume that 100% of all receivers 100% of the time
will reject 100% of all mail that matches SPF -all.
/rolf
_______________________________________________
dmarc-discuss mailing list
[email protected]
http://www.dmarc.org/mailman/listinfo/dmarc-discuss
NOTE: Participating in this list means you agree to the DMARC Note Well terms
(http://www.dmarc.org/note_well.html)
