toddherr
commented
5 months ago Text updated as proposed and checked in to working branch.
Closed toddherr closed 5 months ago
toddherr
commented
5 months ago Text updated as proposed and checked in to working branch.
Submitted on-list by Scott Kitterman:
Proposal to alter the following text in the subject section:
Such an approach might prove useful for a small number of Author Domains, but it is likely that applying such logic to messages with a larger number of domains (as defined by each Mail Receiver) will expose the Mail Receiver to a form of denial of service attack, and so applying a negative disposition decision to the message may be the best course of action.In particular, the word "likely" seems a bit much. Additionally, I think beyond the Domain Owner DMARC policy published in a DMARC record, I think discussions about message disposition are outside the scope of this document.
How about this instead:
Such an approach might prove useful for a small number of Author Domains, but it is possible that applying such logic to messages with a large number of domains (as defined by each Mail Receiver) will expose the Mail Receiver to a form of denial of service attack. Limiting the number of Author Domains processed will avoid this risk. If not all Author Domains are processed, then the DMARC evaluation is incomplete.I don't think we need to tell people what to do with such messages. I think this is enough.