Hello, current text in https://tools.ietf.org/html/rfc7489#section-6 (DMARC Policy):
    Since email streams can be complicated (due to forwarding, existing RFC5322.From domain-spoofing services, etc.), Mail Receivers MAY deviate from a Domain Owner's published policy during message processing [... and SHOULD make available the fact of and reason for the deviation to the Domain Owner via feedback reporting, specifically using the "PolicyOverride" feature of the aggregate report (see Section 7.2).]

I propose this amendment to the first part of the sentence (written in a more abstract way, where the receiving site decides on the policy; the wording is subject to further adjustments):

* * *

DMARC and Redirecting Messages

For a site that is supposed to redirect a message with failed DMARC validation to another site, if the PCT with the policy is 100, the recommendation is not to redirect the message but to reject it at SMTP level. The rationale is that this message might be evaluated by the next hop site as spam, while this hop does not consider the message as spam. In turn, the next hop can conclude that this hop is sending spam. If the next hop decides to apply DMARC policy reject for the domain of the message, this hop will have to generate a bounce for the message, risking being blacklisted by some backscatter IP reputation lists.

For a site that is supposed to redirect a message with failed DMARC validation to another site, if the PCT with the policy is between 1 and 99, the recommendation is to reject the message at SMTP level and not forward it further. For redirected messages, the PCT sampling is applied at least twice, thus there is a probability that the next hop rejects the message based on the PCT parameter, even if this hop has calculated not to reject the message. It is unknown whether the next hop will reject or quarantine messages failing DMARC validation, and from the sender's perspective there is no difference whether this hop or the next hop will reject the message.
The recommendations above do not fully apply when the current hop changes the From: address, as if the recipient on the next hop were a mailing list with one recipient, doing From: munging.

It is not recommended to tell the sender that the message was delivered in the Junk folder of the recipient and to forward the message further, as the sender can get two rejections for the same message, from two different hops, which is confusing. This can happen even if the From: address is munged.
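
The double PCT sampling described in the proposal, worked through as an added example (not part of the original post or of RFC 7489). It assumes both hops sample `pct` independently and enforce the policy when a message is sampled, and that the proposal concerns `p=quarantine` or `p=reject` records; the function names and the sample records are constructed for illustration.

```python
from fractions import Fraction

def parse_dmarc(record):
    """Parse a DMARC TXT record; pct defaults to 100 as in RFC 7489."""
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    if tags.get("v") != "DMARC1":
        raise ValueError("not a DMARC record")
    pct = int(tags.get("pct", "100"))
    if not 0 <= pct <= 100:
        raise ValueError("pct out of range")
    return {"p": tags.get("p", "none").lower(), "pct": pct}

def two_hop_outcomes(pct):
    """Exact outcome probabilities for a DMARC-failing message that is
    redirected once. Assumption: each hop samples pct independently."""
    p = Fraction(pct, 100)
    return {
        "rejected_at_this_hop": p,
        # This hop accepted, the next hop rejects: this hop must bounce.
        "forwarded_then_rejected": (1 - p) * p,
        "passes_both": (1 - p) ** 2,
    }

def redirect_decision(record, dmarc_pass):
    """Apply the post's recommendation at a redirecting hop."""
    policy = parse_dmarc(record)
    if dmarc_pass:
        return "redirect"
    # Assumption: p=none and pct=0 are outside the proposal's wording.
    if policy["p"] == "none" or policy["pct"] == 0:
        return "unspecified"
    # pct between 1 and 100 with failed DMARC: reject at SMTP level.
    return "reject-at-smtp"

if __name__ == "__main__":
    record = "v=DMARC1; p=reject; pct=30"  # constructed sample record
    for name, prob in two_hop_outcomes(parse_dmarc(record)["pct"]).items():
        print(f"{name}: {float(prob):.2%}")
    print(redirect_decision(record, dmarc_pass=False))
```

Under these assumptions the bounce-generating case (accepted here, rejected at the next hop) peaks at `pct=50`, where one in four failing messages takes that path.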
