https://tools.ietf.org/html/draft-ietf-dmarc-arc-protocol-08#section-9.4
There was an earlier thread about the proper way to handle this (https://mailarchive.ietf.org/arch/msg/dmarc/Mz3xIgdB_OuBUqt9OlaZ9_feUpI). I want to suggest a different direction: Section 9.4 should be removed in its entirety.

Returning a 421 tempfail is a bad idea for several operational and security reasons:

- it can generate backscatter
- one could craft a legitimately ARC-signed message and then pull DNS records, resulting in a 421 DDoS ping-ponging amongst intermediaries

But more importantly, because of the nature of how ARC works and mail servers function, there is no way to handle temporary failures cleanly, especially because (as per the thread I linked to) sometimes delivering a message with arc=fail is better than tossing it back (for instance, when DMARC still passes on final receipt, and you'd otherwise be impeding a legitimate message).

If anything, section 9.4 should state that all temporary failures are permanent ARC failures. Messages in this situation MUST be capped with cv=fail and passed along upstream. Stamping the A-R prior to sealing with arc=tempfail could be quite valuable to upstream receivers, but doesn't change the fact that the chain is dead.

Seth
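A small model of the two behaviours discussed in this message, added here as an illustration and not taken from the draft or from any ARC implementation: an intermediary that answers 421 when a key lookup fails temporarily, next to one that stamps arc=tempfail, seals with cv=fail and relays. The policy labels, the `Outcome` fields and the per-set result strings are assumptions made for the example.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Outcome:
    smtp_reply: int   # reply the intermediary gives the sending MTA
    relayed: bool     # True if the message moves on to the next hop
    ar_arc: str       # arc= result stamped in Authentication-Results ("" if none)
    seal_cv: str      # cv= tag of the ARC-Seal this hop adds ("" if no seal)


def chain_status(set_results):
    """Collapse per-ARC-set results ("pass", "fail", "temperror") into one status."""
    if not set_results:
        return "none"
    if "fail" in set_results:
        return "fail"          # a hard failure wins over a DNS problem
    if "temperror" in set_results:
        return "temperror"     # e.g. key lookup timed out or returned SERVFAIL
    return "pass"


def handle(set_results, policy):
    """policy (hypothetical labels): 'draft-9.4' or 'proposed'."""
    if policy not in ("draft-9.4", "proposed"):
        raise ValueError(f"unknown policy: {policy}")
    status = chain_status(set_results)
    if status == "temperror":
        if policy == "draft-9.4":
            return Outcome(421, False, "", "")   # message stays in the sender's queue
        # Proposed: record the reason in the A-R, then cap the chain for good.
        return Outcome(250, True, "tempfail", "fail")
    return Outcome(250, True, status, status)


def replies_seen_by_sender(policy, attempts, dns_recovers_at=None):
    """Replay delivery attempts while the signer's DNS is unavailable.
    dns_recovers_at: 1-based attempt at which lookups work again (None = never)."""
    replies = []
    for n in range(1, attempts + 1):
        up = dns_recovers_at is not None and n >= dns_recovers_at
        # Constructed two-hop chain: first set verifies, second depends on DNS.
        out = handle(["pass", "pass" if up else "temperror"], policy)
        replies.append(out.smtp_reply)
        if out.relayed:
            break
    return replies
```

With DNS down for the whole retry window, the 421 policy never relays the message, while the proposed policy relays it once with a dead chain that downstream receivers can still evaluate under DMARC.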
