jrlevine
commented
1 week ago Whether or not I thought this was a good idea, it is much, much too late to propose this change.
We need to fix whatever tiny nits are left in the draft and wrap up this WG. It should have been done a year ago.
Not to confuse matters further [and this does not fit my use case, but may others]. Should a domain be able to specify that it's DMARC policy DOES NOT override a subdomain policy (or force a default)? [ This may also address reporting concerns for #157]
I know a subdomain can do this, by specifying PSD=N, however can/should this be also possible from the parent?
Scenario, I have a domain (which could be a PSD) and want to implement DMARC for it only, but I have a LOT of child domains in various DMARC states and don't want to force DMARC on them.
Presently (current draft), any DMARC policy I implement with:
I could use PSD=Y, SP=NONE, however I'd still get RUA reports for domains without their own policy which I may not want.
Initial suggestions. PSD=S - Self Only, but otherwise treated as PSD=Y for discovery purposes, but do not use for subdomains without their own policy SP=NI - Not inherited, this could be used for non-PSDs, but I suspect will make the logic considerably more complex.
Feel free to say "not in scope" or just "no"