It appears that Steven M Jones <[email protected]> said: >-=-=-=-=-=- > >On 7/6/21 05:45, Todd Herr wrote: >> >> The theoretical goal of any domain owner that publishes a DMARC record >> is to transition from an initial policy of p=none to a final one of >> p=reject, because it is only at p=reject that DMARC's intended purpose >> of preventing same-domain spoofing can be fully realized. > >While preventing impersonation of "high value" domains was the original >impetus for DMARC, and preventing same-domain spoofing is a/the core >benefit, it provides value for other use cases as well. For example, a >domain that doesn't currently see much abuse and has several indirect >mailflows (so "p=none"), but wants reporting as an "early warning >system" in case they're targeted later.
Good point -- that's exactly why I use it, even though I have no intention of ever publishing a policy other than p=none. The reports are quite interesting. R's, John _______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
