Opened 17 months ago

Last modified 14 months ago

#119 new defect

Remove indications, that reject is stronger than quarantine policy

Reported by: dpa-ietf@… Owned by:
Priority: minor Milestone: Deliverable #3 (changes to DMARC base spec + DMARC Usage Guide
Component: dmarc-bis Version:
Severity: - Keywords:
Cc:

Description

https://datatracker.ietf.org/doc/html/draft-ietf-dmarc-dmarcbis-02#section-6.7.4.1 “Intended Implementation of the "pct" Tag” says:

  • if a message with p=quarantine policy is not subject to the quarantine policy because of the pct-tag, it shall fall back to none policy.
  • if a message with p=reject policy is not subject to the reject policy because of the pct-tag, it shall fall back to quarantine policy.

This implies, that quarantine is in some sense something between none and reject. The specification contains no reasoning, why is quarantine anyhow stronger than reject. Therefore the handling of p=reject;pct=30 shall not fall back to the quarantine policy, but to the none policy.

Change History (2)

comment:1 Changed 16 months ago by todd.herr@…

I disagree with the premise of the ticket.

https://datatracker.ietf.org/doc/html/draft-ietf-dmarc-dmarcbis-02#section-6.3 "General Record Format" describes the three possible values for the p= tag as follows:

    none:
    :   The Domain Owner offers no expression of concern.

    quarantine:
    :   The Domain Owner considers such mail to be suspicious. It
        is possible the mail is valid, although the failure creates
        a significant concern.

    reject:
    :   The Domain Owner considers all such failures to be a clear
        indication that the use of the domain name is not valid. See
        (#rejecting-messages) for some discussion of SMTP rejection
        methods and their implications.

'quarantine' allows for the possibility that the mail might be valid, while 'reject' is an assertion by the domain owner that the use of the domain name is not valid.

Last edited 14 months ago by todd.herr@… (previous) (diff)

comment:2 Changed 14 months ago by todd.herr@…

  • Milestone set to Deliverable #3 (changes to DMARC base spec + DMARC Usage Guide
Note: See TracTickets for help on using tickets.