Hello,
I saw that FortiNet's FortiMail is listed as a product that has a DMARC
support here: "https://dmarc.org/resources/products-and-services/"; .
I wonder what do you guys think about it's DMARC implementation. If you
enable DMARC check in FortiMail it rejects(or performs other configured
action) any mail that fails DMARC check no matter what policy source
domain has configured. So it also rejects mails from domains that have
policy p=none. After contacting their support I was told that this
implementation is by desing and they dont have any plans to change it.
In DMARC RFC there is:
"To enable Domain Owners to receive DMARC feedback without impacting
existing mail processing, discovered policies of "p=none" SHOULD NOT
modify existing mail disposition processing."
So I guess it doesn't break RFC if there is "SHOULD NOT" and not "MUST
NOT"? But I still think this implementation of DMARC is wrong. What do
you guys think?
Best Regards
Petr Novak
_______________________________________________
dmarc-discuss mailing list
[email protected]
http://www.dmarc.org/mailman/listinfo/dmarc-discuss
NOTE: Participating in this list means you agree to the DMARC Note Well terms
(http://www.dmarc.org/note_well.html)
