I propose the following tweak to the Introduction of the Failure Reporting draft: I am working from https://github.com/ietf-wg-dmarc/draft-ietf-dmarc-failure-reporting/blob/main/draft-ietf-dmarc-failure-reporting.md (Original)
With changes/additions: Failure reports (RUF) provide detailed information about the failure of a single message, or a group of similar messages failing for the same reason. They are meant to aid in a) cases where a Domain Owner is unable to detect why failures that were reported in aggregate form occurred or b) it is important to the Sender domain to quickly identify and address mail involving abusive mail involving direct domain abuse. It is important to note that these reports can contain the header fields or sometimes the entire content of a failed message, which may contain personally identifiable information (PII). The potential disclosure of PII should be considered when deciding whether to request failure reports as a Domain Owner, or what information to include or redact in failure reports when creating them as a Mail Receiver, or whether to create failure reports at all. The change(s) are non-normative. Michael Hammer
_______________________________________________ dmarc mailing list -- [email protected] To unsubscribe send an email to [email protected]
