----- Original Message -----
> From: "Murray S. Kucherawy" <[email protected]>
> To: "Scott Kitterman" <[email protected]>
> Cc: [email protected]
> Sent: Wednesday, December 24, 2014 7:46:42 AM
> Subject: Re: [dmarc-ietf] Jim Fenton's review of -04
>
> On Wed, Dec 24, 2014 at 4:04 AM, Scott Kitterman <[email protected]> wrote:
>
> > The draft strongly encourages DMARC implementers to ignore SPF policy, so I
> > don't think assuming messages will be deferred due only to SPF or DKIM
> > results indicating a temporary DNS error is appropriate.
>
> If there's a transient DNS error getting the SPF policy, then there's no SPF
> policy to be ignored. That's quite a different situation.
>
> > I think that in the case of a temporary DNS error in one of the lower level
> > protocols, insufficient inputs are available to conclude a message has
> > failed DMARC tests.
>
> I agree.
>
> > Receivers can either ignore DMARC for this message due to incomplete
> > evaluation or they can defer the message in the hope that the temporary
> > error will be resolved when the message is retried. Receivers MUST NOT
> > apply DMARC policy and reject or quarantine because the DMARC evaluation is
> > incomplete.

I would prefer this phrasing:

Receivers can either ignore DMARC for this message due to incomplete evaluation or they can defer the message in the hope that the temporary error will be resolved when the message is retried. Defer seems preferable for security reasons. Receivers MUST NOT apply DMARC policy and reject or quarantine because the DMARC evaluation is incomplete.
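The receiver-side rule discussed in this thread, written out as an added Python example (not part of the thread or of the DMARC draft). The names `Action`, `dmarc_action` and `defer_on_temperror` are hypothetical, and the result strings are assumed to be the usual "pass" / "fail" / "temperror" values reported for SPF and DKIM.

```python
from enum import Enum


class Action(Enum):
    ACCEPT = "accept"          # DMARC passed, or the policy asks for nothing
    DEFER = "defer"            # SMTP 4xx so the sender retries later
    IGNORE_DMARC = "ignore"    # incomplete evaluation, DMARC not applied
    QUARANTINE = "quarantine"
    REJECT = "reject"


def dmarc_action(spf, dkim, policy, defer_on_temperror=True):
    """Decide what to do with one message.

    spf, dkim: (result, aligned) tuples, e.g. ("temperror", True).
    policy: the published p= value: "none", "quarantine" or "reject".
    defer_on_temperror: local choice between the two options in the
    proposed text (hypothetical parameter, defaults to deferring).
    """
    checks = (spf, dkim)
    # One aligned pass is enough for DMARC to pass, so a temporary
    # error in the other mechanism does not change the outcome.
    if any(result == "pass" and aligned for result, aligned in checks):
        return Action.ACCEPT
    # No aligned pass and at least one mechanism hit a temporary DNS
    # error: the inputs are insufficient to conclude a DMARC failure,
    # so reject/quarantine must not be applied.
    if any(result == "temperror" for result, _ in checks):
        return Action.DEFER if defer_on_temperror else Action.IGNORE_DMARC
    # Both mechanisms gave a definitive answer, neither is an aligned pass.
    enforced = {"reject": Action.REJECT, "quarantine": Action.QUARANTINE}
    return enforced.get(policy, Action.ACCEPT)


if __name__ == "__main__":
    # Constructed sample inputs: (spf, dkim, policy)
    samples = [
        (("temperror", True), ("fail", True), "reject"),
        (("temperror", True), ("pass", True), "reject"),
        (("fail", True), ("fail", True), "reject"),
    ]
    for spf, dkim, policy in samples:
        print(spf, dkim, policy, "->", dmarc_action(spf, dkim, policy).value)
```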
