It appears that Emil Gustafsson <[email protected]> said: >I don't know if there is a better way to encode that, but I'm supportive of >making a change that that would allow domains to tell us (gmail) that they >prefer us to require both dkim and spf for DMARC evaluation (or whatever >combination of DKIM and SPF they desire).
I really don't understand what problem this solves. More likely people will see blog posts telling them auth=dkim+spf is "more secure", they'll add that without understanding what it means, and all that will happen is that more of their legit mail will disappear. If you're worried about DKIM replay attacks, let's fix that rather than trying to use SPF, which as we know has all sorts of problems of its own, as a band-aid. R's, John _______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
