On Sun 07/Jun/2020 23:23:17 +0200 Seth Blank wrote: > https://trac.ietf.org/trac/dmarc/ticket/66 > > Many different entities participate in DMARC, and to each, there is a > different > definition of what is needed to "implement" or participate in DMARC. > > Should the spec be clear about the different participants, and what it means > for each to participate partially and completely?
The spec should encourage participation, but there is no badge to be won. > As a straw man to start conversation (assume this is all wrong): > > The domain owner: > - partially participating: valid record? > - complete participation: no part of the domain hierarchy can be spoofed > by > an unauthenticated sender? That's what many MTA-check tools improperly hint at. It is wrong. We cannot /recommend/ strict policies, at least until the mailing list problem persists. > The receiver/MTA: > - partially participating: validates DMARC? > - complete participation: validates DMARC and ARC, and sends aggregate > reports? ARC is not a subset of DMARC, as the substring occurrence could mistakenly suggest. It should not even be mentioned in a DMARC spec. To validate DMARC is an obvious requisite to participation. It doesn't mean that the suggested disposition should be (blindly) honored. To generate aggregate reports in order to inform the sender /as well as the receiver/ on how DMARC works is a useful, recommended exercise. > The intermediary (is this different than a receiver?): > - partially: validates DMARC? > - complete participation: validates DMARC and validates and seals ARC? I tend to identify intermediaries with mailing list operators. It is time to say something about From: rewriting, otherwise DMARC remains a wannabe. ARC is not going to solve the mailing list problem any time soon. Since From: rewriting is the de-facto standard, we should at least report our experience with it. It may be an integral part of the DMARC spec or a separate document. Best Ale -- _______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
