Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal

2023-06-17 Thread Hector Santos
> On Jun 17, 2023, at 9:50 PM, John Levine wrote: > > It appears that Hector Santos said: >>> Can these senders not accomplish the same thing by removing the SPF record >>> altogether? >>> >>> -MSK, participating >> >> >> Isn’t SPF, DKIM and alignment are all required for DMARC1 passage?

Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal

2023-06-17 Thread John Levine
It appears that Hector Santos said: >> Can these senders not accomplish the same thing by removing the SPF record >> altogether? >> >> -MSK, participating > > >Isn’t SPF, DKIM and alignment are all required for DMARC1 passage? Failure if >any are missing? No, that has never been the case.

Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal

2023-06-17 Thread Hector Santos
> On Jun 17, 2023, at 8:41 PM, Murray S. Kucherawy wrote: > > On Sat, Jun 17, 2023 at 2:40 PM Ken Simpson > wrote: >> FWIW, I'd like to chuck my hat in the ring on the side of removing SPF from >> the next iteration of DMARC. As the operator of an email

Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal

2023-06-17 Thread Murray S. Kucherawy
On Sat, Jun 17, 2023 at 2:40 PM Ken Simpson wrote: > FWIW, I'd like to chuck my hat in the ring on the side of removing SPF > from the next iteration of DMARC. As the operator of an email delivery > service with tens of millions of primarily uncontrolled senders on web > hosting servers, it

Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal

2023-06-17 Thread Ken Simpson
FWIW, I'd like to chuck my hat in the ring on the side of removing SPF from the next iteration of DMARC. As the operator of an email delivery service with tens of millions of primarily uncontrolled senders on web hosting servers, it would be *great* if domain owners could assert via their DMARC

Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal

2023-06-17 Thread Douglas Foster
In general, message recipients lack the expertise needed to distinguish between legitimate and fraudulent identities.Most users do not know how to read message headers or how to make sense of them if shown. Whenour automated evaluation systems and administrative quarantine cannot resolve an

Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal

2023-06-17 Thread Jan Dušátko
Hi I would like to know your opinion on the options currently available to the system administrator. If it is trying to define a policy that allows recipients to authenticate emails, its options are, in my opinion, limited. - The issue of SPF and cloud systems mentioned, or including over