On 10/24/2023 2:15 PM, Barry Leiba wrote:
Now that we have a consensus call on the main issue that has remained open:
1. Do we need to retain our session at IETF 118 and discuss this (or
something else) further?
...or...
2. Do we have what we need to finish up the DMARCbis document, and
should the chairs cancel the session at 118?
I think #2 is best, imto.DMARC and DMARCbis will remain a processing
overhead for logging, but no honoring of policies. I have yet to see
any consistency. No faith in this protocol. It can not be considered a
deterministic protocol. With all the debate on lookup, I still don't
understand what is expected. Would be nice to see some simple pseudo
code for the new logic. But why? Nothing deterministic about it to say
- REJECT with confidence.
SPF is still king here though .....
Oh, and...
3. Is there something else (such as the reporting documents) that we
should use the time at 118 to discuss? Or can we continue with those
on the mailing list for now? My sense is that aggregate reporting, at
least, is just about ready to go and doesn't need the face-to-face
time.
Primary technical problem is inconsistency in reading the report formats.
I want to know the following in a report:
Which domain? Who try to use it? What was return path, the IP and
principle DKIM identities, if you got that far?
I still won't know what I will gain but I do hope the receivers honor
my policies especially for SPF because I am honoring SPF rejects on
the receiver side.
SPF remains the only protocol I honor 100% and according to my
business site sites, this month total rejects are 34% SPF!
If anything, I get DMARC reports but I learn nothing from them.
--
HLS
_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc
