> On 19.08.2023 at 19:01 Jarland Donnell via mailop wrote: > > Is "-all" not indeed a policy in SPF, directed by the domain owner? I would > argue that it is. Especially given that there are options there, each one > defining how the domain owner wishes SPF failure to be treated. I would find > it odd to say that should ignore domain owners when they say "-all" since > that's a direct and clear request by them.
SPF contains information about which IP addresses are authorized or unauthorized to send messages for a given domain. It does not contain a policy on what to do with this information. If someone decides to reject messages from sources listed as unauthorized, this is a policy set up by the *receiver*. Fair enough. I‘m just saying that if the domain owner actually *did* create a policy (within the DMARC record, as DMARC allows you to include a policy) and this policy says „my messages are authorized as long as they are coming from those IP addresses and/or carry a valid cryptographic signature of my domain“ then I recommend against simply ignoring this policy and rejecting messages exclusively based on SPF across the board. This might lead to false positives. And one cannot claim that those false positives happened on request of the domain owner, when the domain owner set up a policy that instructed something different - but the receiver ignored it to save some CPU cycles on his box. — BR Oliver ________________________________ dmTECH GmbH Am dm-Platz 1, 76227 Karlsruhe * Postfach 10 02 34, 76232 Karlsruhe Telefon 0721 5592-2500 Telefax 0721 5592-2777 dmt...@dm.de<mailto:dmt...@dm.de> * www.dmTECH.de<http://www.dmtech.de> GmbH: Sitz Karlsruhe, Registergericht Mannheim, HRB 104927 Geschäftsführer: Christoph Werner, Martin Dallmeier, Roman Melcher ________________________________ Datenschutzrechtliche Informationen Wenn Sie mit uns in Kontakt treten, beispielsweise wenn Sie an unser ServiceCenter Fragen haben, bei uns einkaufen oder unser dialogicum in Karlsruhe besuchen, mit uns in einer geschäftlichen Verbindung stehen oder sich bei uns bewerben, verarbeiten wir personenbezogene Daten. Informationen unter anderem zu den konkreten Datenverarbeitungen, Löschfristen, Ihren Rechten sowie die Kontaktdaten unserer Datenschutzbeauftragten finden Sie hier<https://www.dm.de/datenschutzerklaerung-kommunikation-mit-externen-493832>. _______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
