On Tue, 24 Jul 2018, Stefano Bagnara wrote:
We wrote that a long time before anyone had imagined the mess that is DMARC.
Well, if it is not valid anymore then we need an update... "You" made
3 revisions between 2007 and 2011 and then stopped updating it when it
really started being used? ;-)
There's not even an "errata" for that.
Implementors (when they read the RFC) deserve to know what's the
*current* best practices suggested by the spec RFC.
As Steve said, the best practices depend on your situation. It's not one
size fits all.
I see your messages to this mailing list are failing DMARC and here
are their signatures:
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=iecc.com;
h=date:message-id:from:to:cc:subject:in-reply-to:mime-version:content-type:content-transfer-encoding;
s=c4b4.5b538d77.k1807; ...
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=taugh.com;
h=date:message-id:from:to:cc:subject:in-reply-to:mime-version:content-type:content-transfer-encoding;
s=c4b4.5b538d77.k1807; ...
I'm not sure I understand why (the rationale about it) you decide to
sign that headers and fail DMARC here, while you suggest the "asker"
to stop signing reply-to....
I put signatures on all outgoing mail, including mail that goes to mailing
lists. Doesn't everyone? Anyone who rejects my mail due to DMARC has a
badly broken DMARC implementation.
And still I'm honestly looking for stats about how many domains are
really currently sending DMARC reports to senders (I get reports for
much less than 1% of my recipients: is it what you all get or is there
something wrong in my setup/target?).
Your setup is fine. Hardly anyone sends reports.
Regards,
John Levine, jo...@taugh.com, Taughannock Networks, Trumansburg NY
Please consider the environment before reading this e-mail. https://jl.ly
_______________________________________________
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
