I don't really have a horse in this race since I never plan to publish anything other than p=none, but ...

It appears that Todd Herr <[email protected]> said:
>Ratchet mechanisms don't help in any way that a short TTL on your DMARC
>record won't help, and in fact you need the short TTL on your record
>anyway, because if you're trying a ratchet mechanism and find it's too
>much, you still gotta update DNS to roll it back.

Given that the reports are completely independent of the policy, of course.

I believe the goal of the ratchet mechanisms was that you can turn them up a little bit, so if they're wrong, they'll only screw up a little bit of your mail. But the fallacy is that if your mail is only a little bit screwed up, you won't be able to tell from the sending end whether anything is wrong. Better to take a deep breath, set the TTL to 10 seconds, throw the switch, and if you screwed up, you'll find out quickly.

My inclination is to deprecate pct= and say receivers can ignore it. Deprecate p=quarantine, and say that receivers SHOULD treat p=quarantine and p=reject the same, with the actual handling to be determined by receivers who know a lot more about their users' behavior than senders do.

Some people use pct=0 as a flag to say that things like mailing lists should do DMARC-evading things, but I think there are better ways to debug list software.

R's,
John

PS: https://www.theonion.com/americans-eagerly-check-to-see-if-they-got-any-emails-t-1847220852
