On Thu, Feb 8, 2024 at 5:32 AM Jeroen Massar <jeroen= [email protected]> wrote:
> [multiple responses aggregated] > > > On 6 Feb 2024, at 22:22, John R. Levine <[email protected]> wrote: > > > >>> Unless something important has changed since the last time we took up > >>> and rejected this idea, I don't think we need to discuss it further. > >> > >> Is the reasoning documented? I have checked the list archives, but > there is a LOT of list archives... > > > > The main reason is that it's much too late in the process for such a > large change, and a lesser reason is that it's not clear how it would > interact with the DKIM replay work that some people claim is going to > happen real soon now. > > > >> For gmail.com <http://gmail.com/> as a very big example SPF passes due > to ~all and the evaluation of DKIM can be ignored ... > > > > Uh, no. ~all is a soft fail. > > Together with DMARC p=none as DKIM signature-presence is ignored and thus > any email can pass. > DMARC p=none does not mean "any email can pass". DMARC p=none means "If this message fails DMARC authentication, please do not include that failure as part of the disposition decision". The message you're describing would fail DMARC, not pass, because SPF would fail and the message would be unsigned. What a receiver does with that message, or any message, is up to the discretion of the receiver, and DMARC does not change that, regardless of the policy setting for the claimed sending domain or the DMARC validation results. Sites participating in DMARC are not required to honor the policy statement published by the domain owner. -- *Todd Herr * | Technical Director, Standards & Ecosystem *e:* [email protected] *p:* 703-220-4153 *m:* 703.220.4153 This email and all data transmitted with it contains confidential and/or proprietary information intended solely for the use of individual(s) authorized to receive it. If you are not an intended and authorized recipient you are hereby notified of any use, disclosure, copying or distribution of the information included in this transmission is prohibited and may be unlawful. Please immediately notify the sender by replying to this email and then delete it from your system.
_______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
