On 5/25/25 8:42 AM, Tom Ivar Helbekkmo wrote:
Michael Thomas via NANOG <[email protected]> writes:
It's never been especially clear to me why [SPF and DKIM] needed to be
unified -- [...] SPF had its own policy mechanism, DKIM its own too
(ADSP nee SSP). Why DMARC is "better" is still pretty much a mystery,
and my suspicion is it's mainly politics.
The way I see it, you can't have both without something that lets each
do its evaluation, and then uses those results as input to a final
decision. If you just put both of them in there, as independent agents,
you'll get e.g. SPF rejecting a forwarded email, and never letting DKIM
verify that it is, in fact, genuine.
My position is that what could actually be helpful is a BCP which
describes the entire ecosystem and what MTA's and potentially other
things in the mail delivery path ought to either be doing, or cognizant
of. I have long thought that the concept of a "well behaved mailing
list" might be useful to assist with an admittedly imperfect situation.
But it might be nice to give advice for receivers (and that would be
*extremely* helpful if big mailbox providers were more forthcoming...
alas).
Beyond that, I really don't see what DMARC has brought to the table
beyond 10 years of argument and... irrelevance in many ways.
Mike
_______________________________________________
NANOG mailing list
https://lists.nanog.org/archives/list/[email protected]/message/Z5LBC4J6ENIEV5X5FUT357HVH2L6L5JD/
