On Wed, Aug 24, 2022 at 4:25 AM Alessandro Vesely <[email protected]> wrote:
> On Wed 24/Aug/2022 07:56:41 +0200 Murray S. Kucherawy wrote: > > I believe your "policy is useful when present but not required" remark > is a > > re-statement of your claim that DMARC should yield a "pass" for any > aligned > > identifier irrespective of the presence or absence of a published policy. > > The theory thus far was that dmarc=fail calls for possibly make a > decision. > Does dmarc=pass bear different values depending on the policy? > I can't answer that question any better than you can. > > However, the charter, at paragraph 4, demands that any change made by > this > > working group which does not preserve compatibility with the deployed > base > > has to be justified. If suddenly the absence of a published policy can > > result in a DMARC "pass" or "fail" when this was not previously the > case, > > and this results in different handling decisions by receivers, I would > say > > compatibility has not been preserved. > > We already made a change by allowing a default policy. DMARC records in > the installed base were illegal if they had no p= tag. So, at this time, > we are discussing of the difference between a record saying just v=DMARC1 > and no record at all. > > [...] > I don't see how that's relevant to the point I'm making. > The working group is able to make that change, but (a) consensus must > exist > > to do so, and (b) we need to justify the resulting potential disruption > > adequately. > > I see no disruption. > If DMARC implementations suddenly start reporting a "pass" or "fail" where previously they reported a "none", and receiver decisions change unexpectedly as a result, I don't see how we can gloss that over as not being potentially disruptive. Anyway, we should fix Authentication-Results:, because it is currently not > clear enough. For example: say the filter can be configured to enable > DMARC or not (possibly on a per-domain base). Now a message gets > dmarc=fail with p=quarantine. This has to be enacted by downstream > agents, > after the SMTP session is over. The rMDA filter must then know if > quarantining is enabled. What is the A-R? > I don't see how this is relevant either, and it should probably get its own thread. -MSK
_______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
