Opened 4 years ago

Last modified 17 months ago

#22 new task

Perverse incentives to use p!=none & pct=0

Reported by: kboth+ietf@… Owned by: draft-ietf-dmarc-interoperability@…
Priority: minor Milestone: Deliverable #3 (changes to DMARC base spec + DMARC Usage Guide
Component: interoperability Version:
Severity: - Keywords:
Cc:

Description

Pursuant to an email thread on the mailop list, we may want to consider how (or if) to do something about the ways that people have developed different processing handling for p=none vs. p!=none. Here's the example:

Does anyone know of any negative side effects of setting a DMARC policy: p=quarantine pct=0 ?

Is it equivalent to: p=none ?

I'm curious because I want to trigger Google Groups (and maybe others list forwarders?) to rewrite the From in a DMARC compliant fashion *prior* to changing the domain's DMARC policy... to avoid the "leap of faith" that p=none's monitoring mode was supposed to alleviate.

Change History (2)

comment:1 Changed 4 years ago by tim@…

I'm not sure I follow the "perverse" part in the description. "p=quarantine" + "pct=0" should not impact email in the same way that "p=none" does not.
BUT, since certain mailing lists do behavior differently if p!=none, it seems reasonable to do this as a check.

What to do? Maybe this gets documented in the usage guide as a thing people do.

comment:2 Changed 17 months ago by mail@…

6.8. Policy Enforcement Considerations says:

   To enable Domain Owners to receive DMARC feedback without impacting
   existing mail processing, discovered policies of "p=none" SHOULD NOT
   modify existing mail handling processes.

Suggested addition:

   To enable Domain Owners to receive DMARC feedback without impacting
   existing mail processing, discovered policies of "p=none" SHOULD NOT
   modify existing mail handling processes. To enable Domain Owners to
   audit potential authentication failures with "p=none", Mail Receivers
   SHOULD NOT change the behavior of the authentication mechanism
   subject to the discovered DMARC policy. Mediators, such as mailing
   lists, are encouraged to achieve compability with DMARC
   authentication on all messages, irrespective whether and which DMARC
   policy has been discovered.
Note: See TracTickets for help on using tickets.