This statement is patently false, though, and the guidance goes well beyond operational reality. I think the statement should be struck in its entirety.
All the major free mail providers are moving to have DMARC policies on their domains. Yahoo has it, 1und1 has it, Gmail has committed to do it. That's 2.5bn+ inboxes protected by DMARC. Why would we have text says MUST or SHOULD NOT against a practice that's protecting inboxes worldwide and is picking up steam across them all due to the very real security benefit of the document this guidance is in...? On Thu, Feb 29, 2024 at 1:55 PM Todd Herr <todd.herr= 40valimail....@dmarc.ietf.org> wrote: > Colleagues, > > I've been reading DMARCbic rev -30 today with a plan to collect the first > set of minor edits and I came across a sentence that I believe goes beyond > minor, so wanted to get a sanity check. > > Section 7.6, Domain Owner Actions, ends with the following sentence: > > In particular, this document makes explicit that domains for > general-purpose email MUST NOT deploy a DMARC policy of p=reject. > > > I don't believe this to be true, however. Rather, Section 8.6, > Interoperability Considerations, says SHOULD NOT on the topic (e.g., "It > is therefore critical that domains that host users who might post messages > to mailing lists SHOULD NOT publish p=reject") > > Section 7.6 therefore should be updated to read "domains for > general-purpose email SHOULD NOT deploy a DMARC policy of p=reject", yes? > > -- > > *Todd Herr * | Technical Director, Standards & Ecosystem > *e:* todd.h...@valimail.com > *p:* 703-220-4153 > *m:* 703.220.4153 > > This email and all data transmitted with it contains confidential and/or > proprietary information intended solely for the use of individual(s) > authorized to receive it. If you are not an intended and authorized > recipient you are hereby notified of any use, disclosure, copying or > distribution of the information included in this transmission is prohibited > and may be unlawful. Please immediately notify the sender by replying to > this email and then delete it from your system. > _______________________________________________ > dmarc mailing list > dmarc@ietf.org > https://www.ietf.org/mailman/listinfo/dmarc > -- *Seth Blank * | Chief Technology Officer *e:* s...@valimail.com *p:* This email and all data transmitted with it contains confidential and/or proprietary information intended solely for the use of individual(s) authorized to receive it. If you are not an intended and authorized recipient you are hereby notified of any use, disclosure, copying or distribution of the information included in this transmission is prohibited and may be unlawful. Please immediately notify the sender by replying to this email and then delete it from your system.
_______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc