On 2/2/2021 9:19 AM, Alessandro Vesely wrote:
On Tue 02/Feb/2021 02:42:25 +0100 Dave Crocker wrote:
On 2/1/2021 5:38 PM, John R Levine wrote:
If we want to document existing practice, I guess we would say that
reports should be authenticated and aligned if practical, but it's
OK to send them if not.
exactly.
I changed it again, for failure reports, like so:
3.3. Transport
Email streams carrying DMARC failure reports SHOULD conform to the
DMARC mechanism, thereby resulting in an aligned "pass". This
"conform to" seems odd wording; it's not immediately obvious what it
means here.
Perhaps:
SHOULD provide DMARC-based authentication, to produce their own
aligned "pass"
requirement is a MUST in case the sending host has a DMARC record
'sending host' is ambiguous in this context.
featuring a ruf= tag. Indeed, special care must be taken of
authentication in that case, as failure to authenticate failure
reports may result in mail loops.
d/
--
Dave Crocker
dcroc...@gmail.com
408.329.0791
Volunteer, Silicon Valley Chapter
American Red Cross
dave.crock...@redcross.org
_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc
