Re: [dmarc-ietf] Ticket #39 - remove p=quarantine

Dave Crocker <> Wed, 02 December 2020 14:09 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 1872A3A140B for <>; Wed, 2 Dec 2020 06:09:06 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, NICE_REPLY_A=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 1jODAu68lMl1 for <>; Wed, 2 Dec 2020 06:09:04 -0800 (PST)
Received: from ( [IPv6:2607:f8b0:4864:20::629]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 66C493A1405 for <>; Wed, 2 Dec 2020 06:09:04 -0800 (PST)
Received: by with SMTP id s2so1174502plr.9 for <>; Wed, 02 Dec 2020 06:09:04 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=subject:to:references:from:message-id:date:user-agent:mime-version :in-reply-to:content-language; bh=88eZg3kqw8BhfhyaXpot/CppGtil7WVk9BIJEkKUZ20=; b=EGlpUug6yM4U0LkZIFbmLMvf96cz/JuimF2pk6Auft2bkTGVy1e+NxUq1HAQnzS7Al /s46jNJpP3Bcl6M4bycdV1wnINDl9g1ugr8Jo26XFC2Mf/nJrx7VTddnM9LwNMxPuvuJ RlIm5tygeGALqQgX5gcVoxJS7cbnHVeQLxXM0z5aEh8AfldNSdfOwGSEo4uf+y8nYZxf S0BHQGhjbFqa6q2SuLSmi9Q83OY75j48enXsOLRt2H0WNpN4EcKVRlA1awj2T6v5QCEz y2wWeZ1Eea1u7UoB349FIe86u54JISzRWkBjc9eYPVB//bZgdlchmQwihb6h7gxnkOZy 6BdA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=x-gm-message-state:subject:to:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-language; bh=88eZg3kqw8BhfhyaXpot/CppGtil7WVk9BIJEkKUZ20=; b=HPSXul/FoC56QQexE7eCLXUB32h3wvf9HMqfw/n0XOa4Jx/+ZuPLsceNxb0OfYjjzt Ka063bZGaw/S47CEz8ssniCPq7KvAG73pMQt2T85tOllQVuWTfdTDYQ7sHd6V7y3s3OW hgwFW2bb+wTlriiFWwTIGex+aGdVWXlLppJKbi9Mpzy0QeH4JZdQmUhA6sTFBNUTdO6D xEKWaxZ/XZZT1GU63dgdBM8+vqkRw+ZWGEPj8BBop8tDeTch/caTiU+eE6ECrXZlrkRM tjSZzIohx7ahiyQaf0D0p+CNFalTDhtGGq6C7bE53u09vVt3LgZbPXTenkWrYruueB71 OZZQ==
X-Gm-Message-State: AOAM531rPoabXGB0rfkGpZQ5jP72vl6UsFTD/eKPoXR33XNaGtnTGeqe BQyVH1ldHcpdPzRcDAQUApfuTh7ZH4k=
X-Google-Smtp-Source: ABdhPJyq3yTRADSHJQGzXYmhUmaVzKk6A70aoUwAsSraUyHjWysknYU0OWvkLu1eciYlLLVnupcGbA==
X-Received: by 2002:a17:90a:7343:: with SMTP id j3mr51042pjs.51.1606918143384; Wed, 02 Dec 2020 06:09:03 -0800 (PST)
Received: from [] ( []) by with ESMTPSA id e2sm2037462pjv.10.2020. (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Wed, 02 Dec 2020 06:09:02 -0800 (PST)
To: Steven M Jones <>,
References: <20201202021651.E8EE128C576A@ary.qy> <> <> <>
From: Dave Crocker <>
Message-ID: <>
Date: Wed, 2 Dec 2020 06:09:00 -0800
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101 Thunderbird/78.5.0
MIME-Version: 1.0
In-Reply-To: <>
Content-Type: multipart/alternative; boundary="------------FF95140B1A1A3D731C176D81"
Content-Language: en-US
Archived-At: <>
Subject: Re: [dmarc-ietf] Ticket #39 - remove p=quarantine
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 02 Dec 2020 14:09:06 -0000

On 12/2/2020 1:55 AM, Steven M Jones wrote:
> hen he commanded the tide to halt)" -- the latter phrasing is just 
> /slightly/ too ponderous even for me... Does "requesting" really imply 
> control over the outcome, rather than the expression of a desire?
My point is that I think the language MUST NOT be cast as saying 
anything about receiver behavior.  Rather, it must only talk about the 
domain owner's assessment of message validity, or the like.

>> I'd frankly recommend changing the labels for these expressions, but 
>> expect folk to argue that there is too much installed base and 
>> operational history.
> Ah, now maybe we're getting somewhere. But if you toss that notion 
> out, you have to follow up with an example or two. Which labels, and 
> changing them in what way?
Well, I share that view of accompanying obligation... when I can.  I 
couldn't think of a reasonable 'hook' for the language, in the previous 

But above, I see I wrote a perspective that might be useful: validity.

So, perhaps, something like:

    *p*: Domain Owner Assessment Policy (plain-text; REQUIRED for policy
    records). Indicates the severity of concern the domain owner has,
    for mail using its domain but not passing DMARC validation. Policy
    applies to the domain queried and to subdomains, unless subdomain
    policy is explicitly described using the "sp" tag. This tag is
    mandatory for policy records only, but not for third-party reporting
    records (see Section 7.1
    <>). Possible values
    are as follows:

        *none*: The Domain Owner offers no expression of concern.

        *quarantine:* The Domain Owner considers such mail to be
        suspicious. It is possible the mail is valid, although the
        failure creates a significant concern.

        *reject: *The Domain Owner considers all such failures to be a
        clear indication that the use of the domain name is not valid. 
        See Section 10.3
        <> for some
        discussion of SMTP rejection methods and their implications.


Dave Crocker

Volunteer, Silicon Valley Chapter
American Red Cross