Re: [dmarc-ietf] Proposed text for p=reject and indirect mail flows

[Mark Alley <mark.alley@tekmarc.com>]

I'm glad you brought up the binding operative, I had the same thought.

The federal mandate also pushed several state governments to follow 
suit, as there wasn't any pressure before (even though federal BO's 
don't technically apply to state governments.)

Examples:

Alabama - reject (alabama.gov, al.gov, state.al.us)
Hawaii - reject (hawaii.gov)
Missouri - reject (missouri.gov)
Montana - reject (montana.gov, mt.gov)
New Jersey - reject (state.nj.us, nj.gov)
Ohio - quarantine (state.oh.us, ohio.gov)
South Carolina - quarantine (state.sc.us)
Tennessee - reject (state.tn.us)
West Virginia - reject (wv.gov)


- Mark Alley

On 4/18/2023 5:25 PM, Jim Fenton wrote:
> On 9 Apr 2023, at 11:33, Barry Leiba wrote:
>
>> There is an alternative, though: we can acknowledge that because of how
>> those deploying DMARC view their needs over interoperability, DMARC is not
>> appropriate as an IETF standard, and we abandon the effort to make it
>> Proposed Standard.
>>
>> I see that as the only way forward if we cannot address the damage that
>> improperly deployed DMARC policies do to mailing lists.
> Unfortunately, much of the world outside IETF sees an RFC number and assumes Standards Track. We have RFC 7489, which is Informational, which then resulted in a mandate [1] for all executive-branch US Government domains to publish p=reject. I have to believe that they thought it was Standards Track when they did this.
>
> -Jim
>
> [1]https://cyber.dhs.gov/assets/report/bod-18-01.pdf
>
> _______________________________________________
> dmarc mailing list
> dmarc@ietf.org
> https://www.ietf.org/mailman/listinfo/dmarc