On 5/15/2015 11:07 AM, MH Michael Hammer (5304) wrote:
This is one of the reasons I have held back from participating in the discussions/attempts to come up with authorizations for unrelated 3rd parties. Even recognizing the resistance from various quarters, 3rd parties and intermediaries (which modify messages) taking responsibility for messages they emit is ultimately the cleanest and most workable approach. Yes it requires change on the part of some (I'm waiting for shouts of "GET OFF MY VIRTUAL LAWN").
I noticed that with your ag.com, you only have an SPF -ALL record. No ADSP, no DMARC. I also notice that you didn't sign your mail. So I don't know if you have a DKIM public key.
So basically, you decided not to have any assertions made on your ag.com from a DKIM, Trust and Reputation, Policy standpoint. The odds are high that if you are going to get spoofed, it will have to be sent from a different an unauthorized IP address.
With a SPF -ALL, it lowers the need for DMARC, ADSP. Thats another reason why there is less urgency.
DMARC is really a helper for SPF softfail (~ALL) or neutral (?ALL) policies.
During the DKIM-WG, Microsoft did talk about using ADSP DISCARD with a SPF SOFTFAIL.
-- HLS _______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
