On 3/7/2018 3:21 AM, Satoru Kanno wrote:
Dear DMARC WG Chairs,
I'm sending to you on behalf of Genki Yasutaka-san.
As I asked you last November, we are preparing for the next track,
with the intention of not only reviewing this draft, but also
implementing for verification of vDMARC. If possible, I'd like to
discuss this at IETF 101.
[Details]
----------------------
- What I want to talk?
Draft Overview and Implementation of vDMARC
- Time required
10 minutes (*even for 5 minutes, if your schedule is too busy to adjust.)
- Internet Draft
https://datatracker.ietf.org/doc/draft-akagiri-dmarc-virtual-verification/
----------------------
Thank you for your cooperation and understanding.
+1 to discussing this the concept. Overall, I think "default"
protocol considerations should be included as part of a DMARC Proposed
Standard effort.
Interesting note stated by this draft:
Microsoft Office365 employs the same technique as one mentioned in
this draft ([BestGuessPass]). They append "dmarc=bestguesspass" to
the Authentication-Results to indicate the authenticity of received
emails to receiving MUAs.
Why can't there be a "dmarc=bestguessfail?"
If the Author Domain (5322.From) has no DMARC record, but there is a
matching domain SPF record with a HARDFAIL policy, when a message
fails due to SPF, some systems will reject at SMTP before or at DATA
or accept and quarantine the SPF failed message. With the former, this
concept does't apply since there is no AR record for this result. With
the latter, the result "dmarc=bestguessfail" would better match what
SPF exclusively produced - a failed condition.
I actually found this to be a high true condition:
If a domain has an exclusive, restricted SPF record (HARDFAIL),
the odds
are very high that the same or equal spoof detections (failures)
would
result if the domain only had a exclusive, restricted DKIM Policy
model (ADSP, DMARC) record and not a SPF record.
--
HLS
_______________________________________________
dmarc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dmarc
