On 25 Mar 2021, at 11:23, John R Levine wrote:
Calconnect’s TC-CALSPAM group is currently looking at this issue
and yes, the reason is because of real world corporations that use
multiple brands with different domains. Typically employees got a
single email address on one of their domains but often work with
people who have email addresses in different domains.
Oh, OK.
It sounds like they're asking DMARC to do things it doesn't do. If you
can't ensure that everything sent with your domain on the From line is
signed with your signature, you shouldn't publish a DMARC policy.
Agreed, but in some cases, such as US Government agencies, the
publication of a p=reject policy is required:
https://cyber.dhs.gov/bod/18-01/
Unfortunate IMO that they created this requirement based on an
informational RFC.
-Jim
_______________________________________________
dmarc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dmarc
