On Mon, Apr 1, 2024 at 8:18 AM Brotman, Alex <Alex_Brotman= 40comcast....@dmarc.ietf.org> wrote:
> One item left out of Seth’s text is that due to MBPs who act in this > fashion, these SPF evaluation failures will (understandably) not show up in > DMARC reports, and the domain owner may not have visibility for these > failures. However, the text also puts the onus on the domain owner instead > of the MBP. The text could be altered to instead suggest that MBPs who > deploy DMARC should not utilize the outcome of SPF in this fashion. If the > domain owner wants to protect their domain, and has no idea if the MBP > supports DMARC properly (presuming they also have an enforcing policy), is > it more or less advisable to use “-all” with your SPF record? > > > > I’d be curious to see the Venn diagram of MBPs who implement SPF in this > fashion, and also fully support DMARC. I feel like the MBPs who I’ve > encountered deploying an SPF check in this way had not at the time > supported DMARC. > > > > -- > > Alex Brotman > > Sr. Engineer, Anti-Abuse & Messaging Policy > > Comcast > > I was just thinking along these lines and was going to post but you beat me to the punch. +1 Michael Hammer
_______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc