Re: [dmarc-ietf] is DMARC informational?

"Murray S. Kucherawy" <> Mon, 07 December 2020 04:48 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id C37223A00D3 for <>; Sun, 6 Dec 2020 20:48:58 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id bdE8bnaK2oU2 for <>; Sun, 6 Dec 2020 20:48:57 -0800 (PST)
Received: from ( [IPv6:2607:f8b0:4864:20::e29]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 53BA63A0FDA for <>; Sun, 6 Dec 2020 20:48:57 -0800 (PST)
Received: by with SMTP id b23so6851203vsp.9 for <>; Sun, 06 Dec 2020 20:48:57 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=Mfn+qLf4DSMaX1J+m26gbU8ReAu98qGCJbck+DAm7gw=; b=scxAWf6qcRxvdhtN+Jktg1BtOIvLPuw4lGvx3zQkVcmA+xpQZu02jk2pNIQabtHCAy xOjq4DQhzcnvEDC6pkn/WEtpvyrQML8YGEf7PgEz73C8C9WEumfe7aWDZY8IHKYiNV3b VwczZg0/MpzF2NkzY2z3OF6KQXHCi3Pmon9NAX4p9NNJMuaRwIiBnTC/uC7zRAku+57P zIg7q3VCLG+GRhw/8LYdzX1R/bOD+25YvoIdzq/VOAVg0g+6UvhENNLnYK1O36SbqCcz Bmno6bN3CyX459Ghk84TjtjozW75rdopUQ2AmvOUDWBhG3KovdEMq+sup7Ape3536Iev 24KA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=Mfn+qLf4DSMaX1J+m26gbU8ReAu98qGCJbck+DAm7gw=; b=DS88niuLS7qQRwocixBfdvYmiCtMIYtCpyYJl5WlTCQzrN1Vkg39JxdIiBxc2/lZ/y xAem0Nmep3T/tKZRsd5QEmQBFN7i9FV+CaxsWTFgdumdq9BfFHOr+vrFQ3sTkSTMr5FQ nQF7WRHYNNyoWVeEU0HtuPzUgpKOODzsRzwphyK1t70zCAZOw9N3FJFc2aURGAbL1G/I DxSBv/iIWGy/S/y3VVJf13newGhSi4zWLM1iLKBSYysFinA44q2AQP1uujFn4ep4TKEc yy9jDCwPnSLXsAxmpwubguEHpp4qYL/IRKjzNNaKpwgWGEl7ne+ZgRyTdOOYqlmdw/aU mqEw==
X-Gm-Message-State: AOAM532uPKH/dX/ETf3tLqoxk0EhO581BaH8t4Pahwn6dVGv5ajcX9Q4 +hdVGdB0Y6Uas3TMkAnufp0J6n6PR9R4xa8K6B247Cyw
X-Google-Smtp-Source: ABdhPJy/Ce35YQSSh1eZd/+cgsxeFRMxssJD+BuH/nB/6iWA7bsTMFYonLJ5V8LDBC8nuIjnNUeA/LH62v9nmS30g8E=
X-Received: by 2002:a67:1d07:: with SMTP id d7mr11006930vsd.33.1607316536211; Sun, 06 Dec 2020 20:48:56 -0800 (PST)
MIME-Version: 1.0
References: <> <> <> <> <> <> <> <> <> <> <> <> <> <> <>
In-Reply-To: <>
From: "Murray S. Kucherawy" <>
Date: Sun, 6 Dec 2020 20:48:43 -0800
Message-ID: <>
To: Michael Thomas <>
Content-Type: multipart/alternative; boundary="0000000000002ebea005b5d88b32"
Archived-At: <>
Subject: Re: [dmarc-ietf] is DMARC informational?
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Mon, 07 Dec 2020 04:48:59 -0000

On Sun, Dec 6, 2020 at 9:20 AM Michael Thomas <> wrote:

> What I still don't understand is what drove the decision to deviate from
> ADSP. From reading through DMARC, it's basically ADSP nee SSP with
> provisions for SPF and the new reporting feature. SPF had its own policy at
> the time, but adding it and the reporting could have been done in the
> context of an ADSP-bis. Had I been paying attention, I certainly would have
> supported adding both of those features because they clearly make getting
> to the end goal better.

As I recall, people took a run at trying ADSP and it was largely
unsuccessful.  I recall at least Yahoo, PayPal, and Google trying it but
finding that it interfered with their employees' participation in lists, so
they each invented new domains for their employees to use as separate from
their operational public services.  This basically led to its demise.

This might also be because there weren't significant actors pushing for it,
or because it was basically an all-or-nothing prospect, or because its
scope in terms of domain name coverage was too limited.  DMARC was in some
ways a second attempt at ADSP that tried to address those apparent defects.

In addition to reporting, the Organizational Domain, "pct", and "sp" were
considered major features at the time.