> On Jun 30, 2023, at 3:32 PM, Murray S. Kucherawy <[email protected]> wrote:
>
> On Fri, Jun 30, 2023 at 12:21 AM Jan Dušátko
> <[email protected] <mailto:[email protected]>>
> wrote:
>> Scott, Barry,
>> as far as I understand, SPF are historic technology,
>
> Not in any official capacity. RFC 7208 is a Proposed Standard. In fact, in
> IETF terms, it enjoys higher status than DMARC does right now.
>
> The status of these protocols is not under discussion. The only question is
> whether DMARC should continue to factor SPF results into its output.
If I am reading the group right, using the suggested `auth=` tag for
explanation, it appears the editor wants the new DMARCbis default to be:
auth=dkim
And it would required an explicit tag like;
auth=spf,dkim
to express a desire for spf to be in the evaluation. This offers DMARCbis
backward compatibility. This would be the one “upgrade” change a domain would
need to make, an optional “extended behavior” to make it behave like DMARC
today. The default behavior today is auth=spf,dkim. DMARCbis’s default would
be auth=dkim.
I am saying it sounds like this.
Overall, imo, it is never a good idea to exerted changes on domains with bis
specs, requiring them to change their current DMARC record to reinforce the
security level they want using SPF in DMARC evaluation.
—
HLS
_______________________________________________
dmarc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dmarc
