<span style="font-family:Prelude, Verdana, san-serif;">'Common good' or not, I seriously doubt feedback reporting would be widely implemented without the incentive of sender policies. In fact, even with them I would be surprised if the feedback reporting got much further than Google. Of the five email providers on the participant roster, only Google is currently sending any sort of reports, to my knowledge . I'm sure the others are working on it, but I think a large number of receivers will be using DMARC to grab the published sender policies and then run without sending reports.<br><br>So without the sender policies DMARC is pointless. The number one goal of DMARC is to allow phished domains to take control and reduce fraudulent emails. The feedback is nice, but I don't think it's safe to assume at this stage that the feedback reporting will go very far.<br><br></span><span id="signature"><div id="no_signature" style="overflow:hidden;"></div></span><br><span style="color:navy; font-family:Prelude, Verdana, san-serif; "><hr align="left" style="width:75%">On 6 Mar 2012 02:45, Mitchell Webb <dmarcmarcd@yahoo.com> wrote: <br></span>
<br>
<br>Some would argue "responsible" filtering of email (in that the sender is notified of status) is for the collective common good of email users. Think of a citizen filling out a government form and filing it with dept of xyz. As a citizen I would want to know which half of the forms were thrown in the trash and if my form made it to the inbox. There is nothing stopping receivers from universally discarding all email without strict SPF / DKIM alignment right now they don't need DMARC to "allow" them to do so. The hesitancy to do so is for the potential of false positives. If as a receiver you can offload that responsibility back onto the sender you can say you have done your part.
<br>
<br>
<br>________________________________
<br>From: Adrian <adrian@hardy.bz>
<br>To: Mitchell Webb <dmarcmarcd@yahoo.com>; dmarc-discuss@dmarc.org
<br>Sent: Monday, March 5, 2012 9:32 PM
<br>Subject: Re: [dmarc-discuss] DMARC limitations
<br>
<br>
<br>If I were a receiver I probably wouldn't be too interested in providing senders with feedback and getting nothing in return. If these parameters were not implemented in DMARC and receivers define the policies themselves, then there is no point in this entire thing, surely?
<br>
<br>
<br>
<br>________________________________
<br>On 6 Mar 2012 02:02, Mitchell Webb <dmarcmarcd@yahoo.com> wrote:
<br>
<br>
<br>
<br>The incentive for receivers would be they could justifiably tighten their receiving criteria (protecting the users) while having provided senders with information about legitimate / forged emails and their subsequent processing. This could further be expanded to include black/whitelists, content filtering etc...
<br>
<br>
<br>
<br>________________________________
<br>From: Adrian <adrian@hardy.bz>
<br>To: Mitchell Webb <dmarcmarcd@yahoo.com>
<br>Cc: "dmarc-discuss@dmarc.org" <dmarc-discuss@dmarc.org>
<br>Sent: Monday, March 5, 2012 8:47 PM
<br>Subject: Re: [dmarc-discuss] DMARC limitations
<br>
<br>
<br>Where is the incentive for receivers to implement DMARC if it is just to provide feedback to senders?
<br>
<br>
<br>On Tue, Mar 6, 2012 at 1:20 AM, Mitchell Webb <dmarcmarcd@yahoo.com> wrote:
<br>
<br>
<br>>
<br>>Do the following DMARC parameters "overstep" the bounds that should be allowed of a sending domain?
<br>>
<br>>
<br>>
<br>>pct Sampling rate
<br>>p Requested handling policy
<br>>sp Requested handling policy for subdomains
<br>>
<br>>
<br>>As they are requests would it not be better for the policy configuration responsibility to rest solely on the receiving mail server? This would essentially relegate DMARC to a reporting system only.
<br>>_______________________________________________
<br>>dmarc-discuss mailing list
<br>>dmarc-discuss@dmarc.org
<br>>http://www.dmarc.org/mailman/listinfo/dmarc-discuss
<br>>NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)
<br>>
<br>>
<br>
<br>_______________________________________________
<br>dmarc-discuss mailing list
<br>dmarc-discuss@dmarc.org
<br>http://www.dmarc.org/mailman/listinfo/dmarc-discuss
<br>NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)