On Mon, Apr 1, 2024 at 12:53 PM Jim Fenton <fen...@bluepopcorn.net> wrote:
> On 1 Apr 2024, at 9:26, Todd Herr wrote: > > > I'm digesting the threads for the purpose of preparing tickets to track > the > > work, and I suspect one of the tickets will include, "Add reference to > the > > following two M3AAWG documents": > > > > 1. > > > https://www.m3aawg.org/sites/default/files/m3aawg_managing-spf_records-2017-08.pdf > > 2. > > > https://www.m3aawg.org/sites/default/files/m3aawg-email-authentication-recommended-best-practices-09-2020.pdf > > These are useful documents. > > The second one seems to be saying that the recommended action for > intermediaries is to use ARC, and doesn’t mention address rewriting. I have > some concerns about whether enough receivers interpret ARC header fields > for that to be viable, but that seems to be a better solution than address > rewriting. To echo Murray’s comment, should DMARC-bis reference ARC? > > The second document also recommends that receivers "Make use of ARC headers", but I do not believe that ARC header consumption is yet widespread enough to consider that recommendation to be commonly implemented. I myself am not a receiver, but I've been in enough conversations on the topic, including a present M3AAWG initiative, to understand the the long poles in that tent don't involve consumption of the headers per se, but rather knowing or deciding which ARC signers to trust and what to do when the message passes through multiple intermediaries and not all of them ARC sign the message. Should DMARC-bis reference ARC? I don't know; can it? What I mean by that is that some of us have an interest in DMARC-bis being published as Standards track, and ARC is Experimental, and I don't fully understand the rules regarding down-referencing (is that the right term?). -- Todd Herr | Technical Director, Standards & Ecosystem Email: todd.h...@valimail.com Phone: 703-220-4153 This email and all data transmitted with it contains confidential and/or proprietary information intended solely for the use of individual(s) authorized to receive it. If you are not an intended and authorized recipient you are hereby notified of any use, disclosure, copying or distribution of the information included in this transmission is prohibited and may be unlawful. Please immediately notify the sender by replying to this email and then delete it from your system.
_______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
