Re: [dmarc-ietf] Sender-supplied decision matrix for passing DMARC

Steven M Jones <> Tue, 15 June 2021 02:00 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id EF1D03A19C8 for <>; Mon, 14 Jun 2021 19:00:35 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.101
X-Spam-Status: No, score=-2.101 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, NICE_REPLY_A=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id lFomTd9MfkxJ for <>; Mon, 14 Jun 2021 19:00:33 -0700 (PDT)
Received: from ( [IPv6:2001:470:1:1e9::4415]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id AB6B23A19C7 for <>; Mon, 14 Jun 2021 19:00:33 -0700 (PDT)
Received: from ( []) (authenticated bits=0) by (8.15.2/8.15.2/cci-colo-1.16) with ESMTPSA id 15F20LT3063225 (version=TLSv1.2 cipher=ECDHE-ECDSA-AES256-GCM-SHA384 bits=256 verify=NO) for <>; Tue, 15 Jun 2021 02:00:30 GMT (envelope-from
DKIM-Filter: OpenDKIM Filter v2.10.3 15F20LT3063225
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;; s=201506-2k; t=1623722431; bh=Xu1gn+kMomthUYYjhMGe6hIHH5aKo397uMS1gxHq300=; h=Subject:To:References:From:Date:In-Reply-To; b=VJgkexHCS+9oIjGC0bDLaUHB8QVEUsbvbYSzhFV47m/3aisDCNr3HqaU+ExyJk7b7 ZjjtjDkx2Hd0BKL7SBVjd0pcW4a6zsGIRZxA/hh1w255iS9a4VvatDyFxi2lOt8ZGf BK/XmBR0X0cDGzAjoy6XEuwcQsUpUZAEcuGk5OJ2MHNMDGRphxIRXLTLlEEYqlrcA5 z7EWPGieAv+1PQhUwPit5QSm0AELnMS7PZR+riDjaQC0hPqKlcTsZjAskE17NLVpxS Ks6Lu+05Lei8utGmwnL5arZl71xs/JE01YjA7AQxjN6QCblZu2TMIqP0aQ+WOP5x0K tZVWU6ew/Qseg==
X-Authentication-Warning: Host [] claimed to be
References: <>
From: Steven M Jones <>
Message-ID: <>
Date: Mon, 14 Jun 2021 19:00:43 -0700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:78.0) Gecko/20100101 Thunderbird/78.11.0
MIME-Version: 1.0
In-Reply-To: <>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
Content-Language: en-US
X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.6.2 ( []); Tue, 15 Jun 2021 02:00:30 +0000 (UTC)
Archived-At: <>
Subject: Re: [dmarc-ietf] Sender-supplied decision matrix for passing DMARC
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 15 Jun 2021 02:00:36 -0000

On 6/14/21 10:09, Brotman, Alex wrote:
> Does this make everyone cringe, or perhaps worth a larger discussion?

This was considered (repeatedly) during the original DMARC work, and I
believe again while it was being put into RFC7489 form.

It was rejected because it increased the likelihood of broken/invalid
records for the overwhelming majority, while providing complexity that
relatively few senders wanted. And they could usually get what they
wanted by other means.

I would not be in favor of adding more complex policy expressions.