On 11/7/20 5:00 PM, Dave Crocker wrote:
On 11/7/2020 4:50 PM, Jim Fenton wrote:
If that last sentence is the consensus of the working group (and I
see that the charter could be interpreted that policy is required),
then fine. But I consider the reporting aspect to be useful even in
the absence of policy assertion or enforcement, allow a domain owner
to obtain information about recipients’ receipt of unauthenticated
email from that domain.
DMARC can do 3 things:
1. Define alignment and how to effect it
2. Request receive-side disposition of non-aligned mail
3. Request reporting.
DMARC does not have to do 2 or 3. It can refrain from making a
handling request and it can refrain from requesting reporting.
A claim that DMARC isn't DMARC unless there is policy seems an odd
view, given p=none.
"p=none" is the defined _policy_ to get 1 and 3 without 2. That's how
you set a _policy_ that allows you to request reporting without enforcement.
"p=none" allows Jim's desired use case to have reporting without a
change in handling. Since it _is_ a policy, what Seth wrote ("DMARC does
not function without policy.") is not in conflict with that use case.
Maybe changing that option to "none" from "monitoring" wasn't actually
the best choice? But I'm not sure it would be wise to change it now, in
light of the installed base...
--S.
_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc
