I'm glad you brought up the binding operative, I had the same thought.
The federal mandate also pushed several state governments to follow
suit, as there wasn't any pressure before (even though federal BO's
don't technically apply to state governments.)
Examples:
Alabama - reject (alabama.gov, al.gov, state.al.us)
Hawaii - reject (hawaii.gov)
Missouri - reject (missouri.gov)
Montana - reject (montana.gov, mt.gov)
New Jersey - reject (state.nj.us, nj.gov)
Ohio - quarantine (state.oh.us, ohio.gov)
South Carolina - quarantine (state.sc.us)
Tennessee - reject (state.tn.us)
West Virginia - reject (wv.gov)
- Mark Alley
On 4/18/2023 5:25 PM, Jim Fenton wrote:
On 9 Apr 2023, at 11:33, Barry Leiba wrote:
There is an alternative, though: we can acknowledge that because of how
those deploying DMARC view their needs over interoperability, DMARC is not
appropriate as an IETF standard, and we abandon the effort to make it
Proposed Standard.
I see that as the only way forward if we cannot address the damage that
improperly deployed DMARC policies do to mailing lists.
Unfortunately, much of the world outside IETF sees an RFC number and assumes
Standards Track. We have RFC 7489, which is Informational, which then resulted
in a mandate [1] for all executive-branch US Government domains to publish
p=reject. I have to believe that they thought it was Standards Track when they
did this.
-Jim
[1]https://cyber.dhs.gov/assets/report/bod-18-01.pdf
_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc
_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc