[dmarc-discuss] Impact of "none" policy?
dotis at mail-abuse.org
Wed Mar 28 06:27:07 PDT 2012
On 3/27/12 3:33 AM, Maarten Oelering wrote:
> I am helping a large financial to prepare for DMARC and strict authentication policies. With SPF and DKIM on the way we would like to publish a DMARC record with a "none" policy.
> However, we want to be absolutely sure that the "none" policy does not have any effect on the filtering or presentation of the emails. I heard a rumor that even a "none" policy caused specific warnings to be shown in Gmail or Hotmail, but I was unable to confirm this with testing.
> Did anyone in this group also see changes in delivery with a "none" policy? Or can I safely assume that it will have absolutely zero impact on email delivery? I know you can call this a "stupid" question, but there is much at stake, so I need to be 100% sure.
DMARC is only one possible scheme that could be employed to counter
domains being heavily spoofed in some originating header field. It
seems few financial organizations would be better served publishing a
"none" DMARC policy. The DMARC draft should include clarification a
third-party signature enables http://tools.ietf.org/html/rfc6541 being
applied which allows From header field domains to specifically authorize
any number of third-party signatures. Publishing these authorizations
might better serve such domain's efforts in mitigating many possible
causes beyond DMARC that might lead to false detections of spoofed
messages. As was previously mentioned, DMARC should also consider the
possibility of future use of multiple email addresses within the From
header fields as a method to convey domain affiliations.
More information about the dmarc-discuss