On Fri 05/Aug/2022 04:44:21 +0200 John Levine wrote:
DMARC uses available information to produce a result of "Authenticated" or
"Not Authenticated". Sometimes, the message can be reliably categorized
as "Authenticated" or "Not Authenticated" without reference to the
specifics of a domain owner policy. ...
But DMARC has never said whether messages are "Authenticated". It says whether
they
are aligned, based on the authentication results from DKIM and SPF. That's not
the
same thing, and the distinction is deliberate. It's quite possible for a
message to
be authenticated by DKIM or SPF, but not aligned.
The difference w.r.t SPF is that DMARC records have default values. The
only mandatory element of a record is dmarc-version. This makes the
"implicit" DMARC record quite obvious.
I don't know what this proposal is, but it's not DMARC.
No, it's not DMARC. Also because the default p=none makes it not
effective, limiting usage to spying on report leaks.
However, it might be worth to note that, among non-DMARC software, there
are verifiers which issue a warning when the authenticated identifier is
not aligned. Call it dmarcese?
For mail handling, I wonder how stronger is a dmarc=pass after p=none than
a dmarc=none after no policy but verified alignment. IMHO, neither
deserves special treatment.
Best
Ale
--
_______________________________________________
dmarc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dmarc
