On 28/10/17 06:55, Dave Crocker via dmarc-discuss wrote:
There's a meta-lesson here, given how relatively mature and
heavily-used DMARC is, which ought to make it surprising that this
sort of thing pops up this late.
But I can't figure out what sort of productive statement to make to
describe the lesson or what to do about it...
Guidance to receivers (is there any?) might be expanded to encourage
observance of Postel's law. Even if receivers wish to take the "we're
doing you a favour" perspective or the "we don't want to enable still
more broken software" perspective and therefore not accommodate domain
registrants with invalid DMARC records, they might consider a courtesy
note where a record exists that is clearly an attempt at a legitimate
record (rather than an artefact of some other malfunction) but is not
correct enough to permit reliable automated processing.
The meta-lesson might simply be to bear Postel's law in mind when
drafting standards and guidance: take for granted that there will be
invalid messages/records/etc. out there and think through up front what
to do with them. In request/response protocols it's straight-forward:
return an error. In cases where information in published for
asynchronous automated consumption, it probably needs to be thought
through on a case-by-case basis.
- Roland
_______________________________________________
dmarc-discuss mailing list
dmarc-discuss@dmarc.org
http://www.dmarc.org/mailman/listinfo/dmarc-discuss
NOTE: Participating in this list means you agree to the DMARC Note Well terms
(http://www.dmarc.org/note_well.html)