I objected vigorously during the PSD review, but the Area Director directed me to defer the discussion so the experiment could move forward.
Nonetheless, repeating inadequate language does not render it adequate. Separating NP from SP should enable a significant improvement in threat management if we can get the test right. Unfortunately, a test that is prone to both false positives and false negatives does not serve the purpose well, especially if those problems are swept under the rug rather than being articulated. On Fri, May 7, 2021, 10:55 AM Todd Herr <todd.herr= [email protected]> wrote: > On Thu, May 6, 2021 at 11:13 PM Douglas Foster < > [email protected]> wrote: > >> This is about >> Section 3.8. Non-existent Domains >> >> For DMARC purposes, a non-existent domain is a domain for which there >> is an NXDOMAIN or NODATA response for A, AAAA, and MX records. This >> is a broader definition than that in [RFC8020]. >> >> My argument is that that A/AAAA/MX has no useful relevance to determining >> whether the RFC5322.FROM address of a message should be evaluated based on >> SP or NP. NP is described as testing "non-existent", rather than "possibly >> able to receive mail". We need a test that evaluates whether the domain >> exists or not, and is maximally protected from false positives caused by >> host names and wildcards. >> >> If this group is convinced that A/AAAA/MX is meaningful for the distinction >> between SP and NP, I am asking someone to provide the justification and >> define the algorithm. Right now I have seen neither. >> >> >> > For what it's worth, the text in question was copied directly from > draft-ietf-dmarc-psd > <https://datatracker.ietf.org/doc/draft-ietf-dmarc-psd/> (Section 2.7 of > that document, to be precise). As I understand it, draft-ietf-dmarc-psd > imposes some requirements on the text in DMARCbis, and so to support > satisfying those requirements, other bits of text were imported, too. > -- > > *Todd Herr* | Sr. Technical Program Manager > *e:* [email protected] > *m:* 703.220.4153 > > This email and all data transmitted with it contains confidential and/or > proprietary information intended solely for the use of individual(s) > authorized to receive it. If you are not an intended and authorized > recipient you are hereby notified of any use, disclosure, copying or > distribution of the information included in this transmission is prohibited > and may be unlawful. Please immediately notify the sender by replying to > this email and then delete it from your system. > _______________________________________________ > dmarc mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/dmarc >
_______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
