Reporting allows certainty within the limits of the reporting mechanism. My inference is that many domains stop at p=none for an extended period or forever because the reporting mechanism does not provide that certainty. For my part, I backed away from reject when I received fail-with-reject reports from Outlook.com. These proved to be false results (messages were not blocked) but the fear remained. Since then, domain members have started participating with mailing lists, and I have not determined how the list handles p=reject participation. So I am back at none.
More importantly, the SPF neutral gimmick can be applied immediately, with confidence that it will be handled as intended by essentially all evaluators. By contrast, the new tag cannot be effective until DMARCbis is published and filtering software updated. This involves years. Even then, domain owners will never have confidence that the new token support has been implemented by all recipient evaluators. Additionally, we have testimony that the neutral gimmick has been recently used on a large scale, to block SPf upgrade attacks, with good results. Seems like a slam dunk for SPF neutral. I said the problem and it's solution needs to be laid out in our document because I am one of those who did not understand it as a possible strategy Doug On Sun, Oct 29, 2023, 2:03 PM Richard Clayton <[email protected]> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > In message <CAH48ZfyvA5F8vqUQqyUujKqZHyLKK-fpDm0C3abwet=Zq- > [email protected]>, Douglas Foster <[email protected] > m> writes > > > * auth=DKIMOnly requires that the domain owner have high confidence > > that every message source is applying DKIM signatures. > > which of course the reporting mechanism allows them to acquire > > - -- > richard Richard Clayton > > Those who would give up essential Liberty, to purchase a little temporary > Safety, deserve neither Liberty nor Safety. Benjamin Franklin 11 Nov 1755 > > -----BEGIN PGP SIGNATURE----- > Version: PGPsdk version 1.7.1 > > iQA/AwUBZT6d+N2nQQHFxEViEQJCDQCgi6nTZzBMtD3IsCneeBhfi9yncr4An1Rw > XWnnTNQEzFoispkq3McuQGgw > =PlmH > -----END PGP SIGNATURE----- > > _______________________________________________ > dmarc mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/dmarc >
_______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
