RFC 7489 obsoleted and receivers MUST now downgrade to quarantine by default
RFC 7489 has been obsoleted, requiring receivers to downgrade to quarantine by default. This change addresses interoperability issues caused by strict DMARC policies, particularly for domains using 'p=reject'. The article emphasizes the importance of applying valid DKIM signatures and suggests a phased approach for domains considering 'p=reject'.
- Domains that publish 'p=reject' must not rely solely on SPF for DMARC pass and must apply valid DKIM signatures.
- Mail receivers should not reject messages solely based on a 'p=reject' policy and must consider additional analysis.
- Failure to adhere to these guidelines can lead to significant operational issues, including the cancellation of mailing list subscriptions.
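A domain owner can check the first point against its own mail. The following is an added example, not code from the RFC or from this page: it flags messages from a 'p=reject' domain whose only aligned pass is SPF, reading Authentication-Results headers in the RFC 8601 format. The function names, the sample record and the sample headers are constructed for illustration, and alignment is simplified as noted in the comments.

```python
import re

def parse_dmarc_policy(txt):
    """Return the p= value of a DMARC TXT record, or None if it is not one."""
    parts = (part.partition("=") for part in txt.split(";"))
    tags = {k.strip().lower(): v.strip() for k, _, v in parts if k.strip()}
    if tags.get("v") != "DMARC1":
        return None
    return tags.get("p", "").lower() or None

def aligned(domain, from_domain):
    # Simplification (assumption): relaxed alignment approximated as "same
    # domain or a subdomain of it"; real evaluators compare organizational domains.
    domain, from_domain = domain.lower().rstrip("."), from_domain.lower()
    return domain == from_domain or domain.endswith("." + from_domain)

def pass_methods(auth_results, from_domain):
    """Return the aligned methods ('spf', 'dkim') that passed in one header."""
    methods = set()
    for clause in auth_results.split(";")[1:]:  # [0] is the authserv-id
        m = re.match(r"\s*(spf|dkim)=pass\b", clause, re.I)
        if not m:
            continue
        method = m.group(1).lower()
        prop = "smtp.mailfrom" if method == "spf" else "header.d"
        d = re.search(re.escape(prop) + r"=(?:[^\s;@]*@)?([^\s;]+)", clause, re.I)
        if d and aligned(d.group(1), from_domain):
            methods.add(method)
    return methods

def spf_only_passes(record, from_domain, headers):
    """For a p=reject domain, list headers whose only aligned pass is SPF."""
    if parse_dmarc_policy(record) != "reject":
        return []
    return [h for h in headers if pass_methods(h, from_domain) == {"spf"}]

# Constructed sample data (not taken from the page or the RFC).
RECORD = "v=DMARC1; p=reject; rua=mailto:reports@example.org"
SAMPLE_HEADERS = [
    "mx.receiver.example; spf=pass smtp.mailfrom=bounce@example.org; dkim=none",
    "mx.receiver.example; spf=pass smtp.mailfrom=example.org; "
    "dkim=pass header.d=mail.example.org",
    "mx.receiver.example; spf=fail smtp.mailfrom=example.org; "
    "dkim=pass header.d=example.org",
    "mx.receiver.example; spf=pass smtp.mailfrom=example.org; "
    "dkim=pass header.d=esp.example.net",
]

if __name__ == "__main__":
    for header in spf_only_passes(RECORD, "example.org", SAMPLE_HEADERS):
        print("SPF-only DMARC pass:", header)
```

The first and last sample headers are flagged: one carries no DKIM signature, the other is signed only with a domain that does not align with the From domain, so either message would fail DMARC once a forwarder breaks SPF.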
Opening excerpt (first ~120 words):
7.4. Interoperability Considerations

As discussed in "Interoperability Issues between Domain-based Message Authentication, Reporting, and Conformance (DMARC) and Indirect Email Flows" [RFC7960], the use of "p=reject" can be incompatible with and cause interoperability problems to indirect message flows such as "alumni forwarders", role-based email aliases, and mailing lists across the Internet.

As an example of this, a bank might send only targeted messages to account holders. Those account holders might have given their bank addresses such as "[email protected]" (an address that relays the messages to another address with a real mailbox) or "[email protected]" (a role-based address that does similar relaying for the current head of finance at the association).
…
Excerpt limited to ~120 words for fair-use compliance. The full article is at Rfc-editor.