Closed ietf-svn-bot closed 3 years ago
@fosterd@bayviewphysicians.com changed type from defect
to enhancement
@fosterd@bayviewphysicians.com commented
Withdrawn in favor of the np clause of DMARC for PSDs
@fosterd@bayviewphysicians.com changed _comment0 which not transferred by tractive
@dougfoster.emailstandards@gmail.com commented
I note that https://tools.ietf.org/html/rfc7208#section-2.2 has this observation, which seems to support this proposal Although invalid, malformed, or non-existent domains cause SPF checks to return "none" because no SPF record can be found, it has long been the policy of many MTAs to reject email from such domains, especially in the case of invalid "MAIL FROM". Rejecting email will prevent one method of circumventing of SPF records.
@todd.herr@valimail.com commented
[comment deleted]
@todd.herr@valimail.com changed _comment0 which not transferred by tractive
@todd.herr@valimail.com commented
See also Issue #97
@todd.herr@valimail.com changed status from new
to accepted
@todd.herr@valimail.com set owner to todd.herr@valimail.com
@todd.herr@valimail.com changed status from accepted
to assigned
@todd.herr@valimail.com changed status from assigned
to closed
@todd.herr@valimail.com set resolution to wontfix
@todd.herr@valimail.com commented
Closing in favor of np clause for DMARC in PSDs
owner:todd.herr@valimail.com
resolution_wontfix
type_enhancement
| by fosterd@bayviewphysicians.comOne of the issues that was discussed in DMARC for PSDs was the problem of spammers inventing non-existent sub-domains for legitimate entities. DMARC blocks those messages if the organization has a sp=reject rule, but sp=reject cannot be implemented until the entire organization is DMARC-ready.
It should be possible to reject non-existent subdomains even if part or all of the organization is on policy none. I propose adding a qualifier to the sp=policy with these meanings:
required=Exists: Reject any message from a subdomain which has no NS record.
required=MailEnabled: Reject any message from a subdomain which has neither an MX record nor an SPF policy record.
Issue migrated from trac:83 at 2022-01-24 16:52:07 +0000