Hi all,
the second sentence of the second paragraph of Section 5.8:
OLD
In particular, because of the considerations discussed
in [RFC7960] and in Section 8.6 of this document, it is important
that Mail Receivers not reject messages solely because of a published
policy of "reject", but that they apply other knowledge and analysis
to avoid situations such as rejection of legitimate messages sent in
ways that DMARC cannot describe, harm to the operation of mailing
lists, and similar.
I have the feeling that most readers understand that allusion to /other
knowledge and analysis/ to mean content filtering. Thence the lemma that if we
can relay on content filtering then we don't need strong authentication.
Instead, referenced Section 8.6 presents forwarding as /the/ scenario where
DMARC fails. Accordingly, this section could be more precise on the kind of
semantically acceptable enforcement exceptions. Let me try a wording:
NEW
In particular, because of the considerations discussed
in [RFC7960] and in Section 8.6 of this document, it is important
that Mail Receivers seek additional knowledge and mechanisms whereby
published policies of "reject" and "quarantine" can be safely overridden.
Mailing lists, and forwarding in general present cases where messages are
legitimately sent beyond the author domain's reach, breaking SPF and
possibly also DKIM. The combined effort of Mail Receivers and Forwarders
can lead to establishing a strong recognition of such mail flows, warranting
discharge from DMARC policy enforcement while still respecting the
semantics of the author domain policy, thus avoiding the harm that
otherwise DMARC causes to the operation of mailing lists.
Is that cool?
Best
Ale
--
_______________________________________________
dmarc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dmarc
