Re: is it just me or...

[Michael Thomas via NANOG <nanog () lists nanog org>]

On 5/25/25 8:42 AM, Tom Ivar Helbekkmo wrote:
> Michael Thomas via NANOG <nanog () lists nanog org> writes:
>
> > It's never been especially clear to me why [SPF and DKIM] needed to be
> > unified -- [...]  SPF had its own policy mechanism, DKIM its own too
> > (ADSP nee SSP). Why DMARC is "better" is still pretty much a mystery,
> > and my suspicion is it's mainly politics.
> The way I see it, you can't have both without something that lets each
> do its evaluation, and then uses those results as input to a final
> decision.  If you just put both of them in there, as independent agents,
> you'll get e.g. SPF rejecting a forwarded email, and never letting DKIM
> verify that it is, in fact, genuine.

My position is that what could actually be helpful is a BCP which 
describes the entire ecosystem and what MTA's and potentially other 
things in the mail delivery path ought to either be doing, or cognizant 
of. I have long thought that the concept of a "well behaved mailing 
list" might be useful to assist with an admittedly imperfect situation. 
But it might be nice to give advice for receivers (and that would be 
*extremely* helpful if big mailbox providers were more forthcoming... 
alas).

Beyond that, I really don't see what DMARC has brought to the table 
beyond 10 years of argument and... irrelevance in many ways.

Mike

_______________________________________________
NANOG mailing list 
https://lists.nanog.org/archives/list/nanog () lists nanog org/message/Z5LBC4J6ENIEV5X5FUT357HVH2L6L5JD/