On Fri 06/Nov/2020 14:57:46 +0100 Todd Herr wrote:
On Fri, Nov 6, 2020 at 7:27 AM Douglas E. Foster wrote:
It makes no sense to allow "p=" missing. Why would we suggest that all
existing implementations alter their code to tolerate additional
unnecessary complexity, rather than requiring domain administrators to key
a few more characters so that code changes will not be necessary?
Are there really implementations that choke on missing p=?
How about "v=DMARC1; p=none; p=quarantine;"?
I also don't understand this comment from Alessandro :
"Operators who don't need policy, for example external report receivers
who just want to publish verification records, would find the relevant
info in the base spec." >>
There is only one policy record, published by the domain owner. The DNS
record either suggests enforcement (p=quarantine, p=reject) or it does not
(p=none, p=missing, no DMARC record).
I can't speak for him, but I believe he's referring to the records that a
report consumer outside the authority of the domain at issue might publish,
as documented currently in https://tools.ietf.org/html/rfc7489#section-7.1.
In those cases where, for example, foo.com publishes a DMARC policy record
with a rua= value of say "[email protected]", there must exist a TXT record
of "v=DMARC1" at foo.com._report._dmarc.bar.org in order to confirm that
bar.org is consenting to receive these reports.
Exactly! Dropping the requirement allows the definition of DMARC record to be
unique. Not a terrific gain, just a little simplification.
Best
Ale
--
_______________________________________________
dmarc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dmarc
