On Thu, Apr 27, 2023, at 9:52 PM, Scott Kitterman wrote:
>
>
> On April 28, 2023 2:25:57 AM UTC, Jesse Thompson <[email protected]> wrote:
> >On Thu, Apr 27, 2023, at 9:30 AM, Brotman, Alex wrote:
> >> Attempt to make it a tad more concise (I think), altering some of the
> >> language:
> >>
> >> ---------------------
> >> There can be inherent damage to the ability to use certain SMTP-based
> >> systems in conjunction with a policy of quarantine or reject. These could
> >> include, though are not limited to, mailing lists, forwarding services,
> >> and other types of indirect mail flows. Especially in situations where
> >> the sending domain is SPF-only, or the intermediary is known to alter
> >> messages. If the users of the domain may utilize these types of systems,
> >> the domain administrator MUST NOT deploy a policy of quarantine or reject
> >> without serious considerations to the impact to interoperability. These
> >> considerations will be informed by careful analysis of DMARC aggregate
> >> reports prior to deploying such a policy. Some third-party systems may be
> >> willing to create a workaround for these situations, though it cannot be
> >> guaranteed. Domain owners MAY choose to create a sub-domain
> >> (listmail.example.org) or cousin domain (listmail-example.org) which uses
> >> a different policy for users wishing to utilize those service
> s.
> >> ---------------------
> >
> >I like this, and it gives room for best common practices to evolve that
> >don't necessarily conflict.
> >
> >s/
> > Especially in situations where the sending domain is SPF-only, or the
> > intermediary is known to alter messages. If the users of the domain may
> > utilize these types of systems, the domain administrator MUST NOT deploy
> >/
> > For situations where the sending domain is not DKIM signing all of its
> > traffic in an aligned fashion or there is legitimate use of an intermediary
> > known to alter messages, the domain administrator MUST NOT deploy
> >/x
>
> I think most of this would be good in a non-normative appendix. For my
> immediate purpose, I'm imagining that in addition to the [adjective] domain,
> there would need to be an amplification of [adjective] that would explain
> exactly what we mean by [adjective] and what actions a domain owner might
> take in order to be [not adjective].
>
> I don't think it's formally part of the protocol, but it's quite important.
+1
_______________________________________________
dmarc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dmarc
