Re: [dmarc-discuss] reporting on reports considered harmful

Tue, 01 Apr 2014 00:22:25 -0700 

On Apr 1, 2014, at 12:01 AM, Roland Turner <[email protected]> 
wrote:

>>>> If you consider this to be a problem, you can send your reports from a 
>>>> subdomain
>>>> with its own DMARC record that says not to report back.
>>>> 
>>>> Or an entirely reasonable practical hack would be not to send reports
>>>> on domains with traffic below some threshold.
>>> 
>>> there may be various ways to work around this 'minor nuisance', but 
>>> wouldn't it be better to address this 'loose end' in the spec itself, 
>>> instead of having everyone to re-invent the weel?
>>> 
>>> /rolf
> 
> As resolving this does not require co-ordination[1], it does not seem like an 
> appropriate candidate for complicating the behaviour codified by the spec. 
> Avoiding the reinvention problem can usefully be addressed by:
>       • an FAQ entry
>       • a BCP paragraph, when/if such documents appear
>       • options in implementations.
> 
> - Roland
> 
> 1: If you don't want your reports to ever be the subject of reports then 
> simply send from a domain that doesn't request reports. If you simply  If you 
> don't want to report on the reports of others, then simply exclude email to 
> your reports address(es) from the input to your report generator, or simply 
> suppress reports about very small numbers of messages.

Edited for brevity:

        1: To avoid having reports be the subject of reports (creating a loop), 
send from a [sub]domain that doesn't request reports. To avoid reporting on 
others reports, exclude email to your DMARC reports address(es) from the input 
to your report generator.

I also removed the suggestion to suppress reports for very small numbers of 
messages. Many of the reports I get are for just one message. Having even a few 
larger senders suppress reports about very small numbers of messages would have 
a significantly deleterious effect on small sites using DMARC.

Matt
_______________________________________________
dmarc-discuss mailing list
[email protected]
http://www.dmarc.org/mailman/listinfo/dmarc-discuss

NOTE: Participating in this list means you agree to the DMARC Note Well terms 
(http://www.dmarc.org/note_well.html)

Reply via email to