Hi Hector, Thank you for your comment.
You know, we've focusing on emails which would potentially be marked as "dmarc=pass" in this draft, but we'd not almost aware of the opposite point so far. I would like to listen to your suggestions slowly. Regards, Genki --- Genki YASUTAKA <[email protected]> Rakuten, Inc. -----Original Message----- From: Hector Santos [mailto:[email protected]] Sent: Saturday, March 10, 2018 7:05 AM To: Satoru Kanno <[email protected]>; [email protected] Cc: Takehito Akagiri <[email protected]>; Yasutaka, Genki | Dkim | OPS <[email protected]> Subject: Re: [dmarc-ietf] [Request] Presentation in IETF101 On 3/7/2018 3:21 AM, Satoru Kanno wrote: > Dear DMARC WG Chairs, > > I'm sending to you on behalf of Genki Yasutaka-san. > > As I asked you last November, we are preparing for the next track, > with the intention of not only reviewing this draft, but also > implementing for verification of vDMARC. If possible, I'd like to > discuss this at IETF 101. > > [Details] > ---------------------- > - What I want to talk? > Draft Overview and Implementation of vDMARC > > - Time required > 10 minutes (*even for 5 minutes, if your schedule is too busy to > adjust.) > > - Internet Draft > > https://datatracker.ietf.org/doc/draft-akagiri-dmarc-virtual-verificat > ion/ > ---------------------- > > Thank you for your cooperation and understanding. +1 to discussing this the concept. Overall, I think "default" protocol considerations should be included as part of a DMARC Proposed Standard effort. Interesting note stated by this draft: Microsoft Office365 employs the same technique as one mentioned in this draft ([BestGuessPass]). They append "dmarc=bestguesspass" to the Authentication-Results to indicate the authenticity of received emails to receiving MUAs. Why can't there be a "dmarc=bestguessfail?" If the Author Domain (5322.From) has no DMARC record, but there is a matching domain SPF record with a HARDFAIL policy, when a message fails due to SPF, some systems will reject at SMTP before or at DATA or accept and quarantine the SPF failed message. With the former, this concept does't apply since there is no AR record for this result. With the latter, the result "dmarc=bestguessfail" would better match what SPF exclusively produced - a failed condition. I actually found this to be a high true condition: If a domain has an exclusive, restricted SPF record (HARDFAIL), the odds are very high that the same or equal spoof detections (failures) would result if the domain only had a exclusive, restricted DKIM Policy model (ADSP, DMARC) record and not a SPF record. -- HLS _______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
