Hello Ale, please explain why this recommendation is done …
On Thu, 2021-07-22 at 20:32 +0200, Alessandro Vesely wrote: > > How about something more or less like the following? > For uniform behavior, MLMs are better off applying the same > mitigation > technique irrespective of the current content of any DMARC > records. > However, some MLMs are known to decide whether to apply that > change or > not based on the existence of an author's domain DMARC record and > the > value of the "p" tag therein. In any case, MLMs MUST NOT consider > the > value of the "pct" tag in order to make such decision. by appending: The reason is, that operators can verify the correct setup, before switching to a strict DMARC policy. After installing “pct=0;p=reject" the domain owner can verify by reading the aggregate reports that 100% of the messages from the owned domain have aligned DKIM. (Otherwise MLM-NOT-mаngled messages will be reported as failed, too). See also the last paragraph of https://datatracker.ietf.org/doc/html/draft-ietf-dmarc-dmarcbis-02#section-6.7.4.2 Shortcomings of the "pct" Tag >>> * "0" - A request that zero percent of messages producing a DMARC "fail" result have the specified policy applied. While this is seemingly a non-sensical request, this value has been given special meaning by some mailbox providers when combined with certain "p=" values to alter DMARC processing and/or reporting for the domain publishing such a policy. <<< I think this paragraph needs to be changed. Proposed new wording: * "0" - A request that zero percent of messages producing a DMARC "fail" result have the specified policy applied. While this is seemingly a nonsensical request, MLM modifying the message shall rewrite the From: header in this case. This way the initial domain owners, by evaluating aggregate reports, can verify, that their setup is correct, before enforcing strict DMARC policy. Greetings Дилян _______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
