"We have a lot of other topics" is the wrong reason to call for consensus. The important question is "Ale, have we addressed your concerns?"
I agree with many that for DMARC, our primary interest is whether SPF validation of MAILFROM produces a PASS. However, I also see that a cautious recipient may choose to also require SPF HELO = PASS and / or fcDNS HELO = PASS ( VERIFIED ). Getting a PASS on these multiple criteria increases the confidence in the PASS result, but also increases the likelihood of ambiguous results and false rejects. Therefore: - Recipients need to be cautious about enforcing rules so strictly that sender configuration errors produce unwanted disposition decisions. - Senders need to be careful to ensure that they configure their policy to produce both SPF MAILFROM = PASS and SPF HELO=PASS. Altogether, I think some wordsmithing is needed to communicate those points. I do not have such wording at this moment, but will begin thinking about what I would propose. Perhaps those who are anxious to move on will be able to produce text sooner. I have also raised a concern about the inadequacy of reporting these results, since "Recevied-SPF: pass" is currently a compliant header. We can defer this issue to a later ticket, but we need to be thinking about the problem. If this requires no change, I would like some discussion of why that might be the case. DF On Sat, Feb 6, 2021 at 8:16 PM Dave Crocker <[email protected]> wrote: > On 2/6/2021 3:57 PM, Kurt Andersen (b) wrote: > > > > +1 - now, if only we had a real voting system :-P > > Yeah, 'cause this one is really close, and it's hard to tell what the > decision is... > > > d/ > > ps. +1 > > -- > Dave Crocker > [email protected] > 408.329.0791 > > Volunteer, Silicon Valley Chapter > American Red Cross > [email protected] > > _______________________________________________ > dmarc mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/dmarc >
_______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
