> On Apr 7, 2024, at 9:27 AM, John R Levine <[email protected]> wrote: > > On Sun, 7 Apr 2024, Neil Anuskiewicz wrote: >> I think clear statement and supporting text explaining clearly that SPF is >> no longer the policy layer would be a good idea. While it might be slightly >> out of scope, I have encountered people who think best practice is to >> enforce with -ALL. > > We had a long discussion about that which you can read in the list archive at > https://mailarchive.ietf.org/arch/browse/dmarc/ > > Nobody is crazy about SPF but removing it completely is too much of a change. > As Ale pointed out, if you don't want people to use SPF for your DMARC > validation, make all your SPF entries ? or ~ rather than +. > > This WG should have finished a year ago. Unless you think something is so > broken that it's worth more months of delay, forget it.
To be clear I was suggesting considering deprecating the hardfail modifier only as it’s archaic. I was not saying deprecate SPF. That said, i don’t know what the unexpected consequences of this change would be. I think SPF still has its place. Maybe they’ll make some adjustments over in the SPF working group. _______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
