On 5/1/2014 2:54 PM, Terry Zink wrote: > I remember reading somewhere about a year ago (can’t remember where, but > it was on a mailing list) that Gmail overrides the DMARC reject policy > and instead treats it as quarantine.
This provides a nice example of why "overrides" is probably not the proper term. Receivers have complex decision engines and take in all sorts of information they use to formulate handling decisions. A remote agency, such as a domain owner, cannot "dictate" a receiver's actions. That is, it cannot assert anything that should reasonably be called "policy", in terms of receiver actions. It of course can state its desires -- which is what DMARC enables -- but that's quite different from policy. What's been described for gmail is that it takes guidance from the published DMARC record and then formulates is /own/ policy. In reality, that's what every receiver does. Always. So gmail is not 'overriding' DMARC policy, it is merely choosing a policy that factors in domain owner desire a bit differently than the domain owner has requested. This is more than semantic quibbling. It goes to an essential reality about the tentative nature of publishing "policy" information. d/ -- Dave Crocker Brandenburg InternetWorking bbiw.net _______________________________________________ dmarc-discuss mailing list [email protected] http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)
