[dmarc-discuss] SPF pass / fail
Maarten Oelering
maarten at postmastery.net
Mon Mar 5 05:33:23 PST 2012
And if SPF does not pass with identifier alignment, the requested
DMARC policy will apply. So the SPF policy is essentialy ignored by DMARC.
An SPF policy of "~all" (soft-fail) seems like a good choice if you don't
want receivers to enforce on SPF alone, to prevent false-positives with
forwarding. With DMARC a forwarded message that has a valid, aligned DKIM
signature will still pass.
Maarten
On Mon, Mar 5, 2012 at 2:08 PM, Tim Draegen <tdraegen at agari.com> wrote:
> On Mar 4, 2012, at 11:10 PM, Brian Clark wrote:
> > I read somewhere that DMARC requires a hard fail, but I can't find that
> at
> > the moment. Can someone else confirm that?
>
> Hi Brian,
>
> Not true. DMARC is looking for affirmation that a message originates from
> a domain. From the DMARC check's perspective, all results that do not end
> in "SPF passing with identifier alignment" are considered failures.
>
> HTH,
> =- Tim
>
>
> _______________________________________________
> dmarc-discuss mailing list
> dmarc-discuss at dmarc.org
> http://www.dmarc.org/mailman/listinfo/dmarc-discuss
> NOTE: Participating in this list means you agree to the DMARC Note Well
> terms (http://www.dmarc.org/note_well.html)
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://medusa.blackops.org/pipermail/dmarc-discuss/attachments/20120305/00e8d925/attachment-0001.htm>
More information about the dmarc-discuss
mailing list