On 2022-02-11 08:57, Douglas Foster wrote:
This section implies that publishing SPF -ALL is a risky move, which is made worse by DMARC. SPF -ALL is a only risk when (a) the message is forwarded without MAILFROM rewrite and (b) the evaluator does not implement DMARC.
+1
Rather than telling senders to weaken their SPF policies, we need to make it clear to evaluators that they should implement DMARC correctly. Proposed language for the second paragraph:
why spf -all when there exists nullMX ? _______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
