On Tue, Nov 4, 2025 at 7:04 AM Alessandro Vesely <[email protected]> wrote:
> > I think "mail exchange server" complicates what the bullet is trying to > > say. It says the right thing by just using "mail servers", and we don't > > have to get into explaining what an exchanger or an MX is. > > I thought Ged's hint was fine, so -18 now has this: > > By report consumers: > > * isolate Mail eXchange (MX) servers receiving reports from > receiving other mail streams; > * use sandboxes in evaluating failure reports; > * use network segmentation; > * limit access to failure reports to authorized individuals with > appropriate security training. > > Saying "mail server" can be quite obscure (I have a "ruf" folder on my > IMAP > server, so is that isolated?) But on the other hand you can't choose the > MX > either. I think Michael meant[*] that the domain-part of the ruf= tag > should > be a domain not used for generic email addresses and should have a > dedicated > MX. I'm unable to express that concept without saying "MX". (BTW, isn't > that > a bit excessive? An email message in transit cannot do much harm...) > The aggregate reporting document makes two references to "mail servers" and none to "mail exchange servers". The base document makes about four references to "server" (mostly "SMTP server") and none to "mail exchange servers". I don't understand why we're so keen to stick to this one use of that term when we've used the other term everywhere else. I don't understand the relevance of your IMAP server. I understood what Michael meant; I don't understand at all why the word "exchange" makes this more clear. "Isolate report streams from other mail streams" would be even better, as it abstracts the notion of a mail server, which is beside the point being made. -MSK
_______________________________________________ dmarc mailing list -- [email protected] To unsubscribe send an email to [email protected]
