On December 24, 2014 12:49:04 AM EST, "Murray S. Kucherawy" <[email protected]> wrote: >On Mon, Dec 22, 2014 at 3:18 PM, Scott Kitterman <[email protected]> >wrote: > >> >> As I read -08 what to do in that case is undefined. There's a >dangling >> pointer >> to 5.6.3. It's dangling because nothing in that section addresses >the >> question of how to handle DKIM/SPF temporary errors. >> >> >5.6.3's final paragraph makes it clear that the action taken is at the >discretion of the mail receiver, and gives two examples of >non-destructive >ways to handle that case. Do we need to say more than that? > >-MSK
No. That's specifically about DNS errors related to DMARC record retrieval. My issue is what to after successfully retrieving the DMARC record if one of SPF/DKIM doesn't pass and align (DMARC fail) and the other of SPF/DKIM returns a DNS error. 5.6.2 appears to me to promise that is explained in 5.6.3 and it's not. Personally, I think rejecting mail based on temporary DNS errors is something the draft should discourage. Scott K _______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
