Hector Santos writes: > The DNS-based author domain defined policy is the only common > approach we have now.
"To a man with a hammer, every problem looks like a nail." But unfortunately, use of strict policy in the current environment can be antisocial behavior, and therefore it is going to be ignored (as a policy) by socially responsible recipients. Viz, GMail.[1] And it leads to avoidance behavior (From-corruption, encapsulation) by third parties (at least mailing lists). "Avoidance" is also anti-social IMO, even though it's my constituency that's doing it. Those same socially responsible recipients will, of course, use it as an (important) input into their *heuristic, reputation-based* decisions about filtering. Viz. again, GMail. Third-party authorization just pushes the heuristic, reputation-based decision-making off onto the third parties you want to authorize, and doesn't scale to precisely the large mailbox providers who can cause widespread consternation by publishing "p=reject" policies. Footnotes: [1] While I have my reservations about the CSR of all billion-dollar companies, including Google, GMail's handling of p=reject is socially responsible behavior. IMHO YMMV. _______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
