Re: [dmarc-ietf] Nonexistent Domain Policy was: Re: Working Group Last Call: draft-ietf-dmarc-psd

Seth Blank <> Fri, 12 July 2019 18:16 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id A452012085E for <>; Fri, 12 Jul 2019 11:16:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -0.603
X-Spam-Status: No, score=-0.603 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, PDS_NO_HELO_DNS=1.295, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id dKXskEiTtSw6 for <>; Fri, 12 Jul 2019 11:16:14 -0700 (PDT)
Received: from ( [IPv6:2607:f8b0:4864:20::330]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 2AC9212086F for <>; Fri, 12 Jul 2019 11:16:08 -0700 (PDT)
Received: by with SMTP id q20so10341057otl.0 for <>; Fri, 12 Jul 2019 11:16:08 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=LhfWeWbhek68YZ8xA3u4LJheJfAEy4+mGhRkXe2iXwg=; b=DaOJ4UcCK5qhaHjordXoOgiC48/ykcdosSYC9bh44Z35no6xZmMd/Vdm710xVss3BE 7pun7DV6lWBevun3JWmoGTkidbds0XYz+qPPjHH80rYgNDoHhWeGn55RrX3Vtxs6d8Yg Dgvxv/4Wje7xF9pc1FrDirj5w+I72yWfxg1byBnMGfWx8MT3CxIwwQJQ43ZAJWYJwxBI l2am9sd7btyfS1S6mS3lNbfjmQjDpSY1wd9zGuHmUaiPt64GNGzk5YSNYRc1QrnRKRAm VJD3usZGQ95Z1YpKaegJFCwcXiOEUWZ6t8J7K10q1srXZCjm7PDfu7GyKvefNXF+Rcum h55A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=LhfWeWbhek68YZ8xA3u4LJheJfAEy4+mGhRkXe2iXwg=; b=JCVWsPfkMze6JgcFk7cKFfJcah7l2YoCP+SCgCoKE/lSEJavMV6HaqRwociCKxx4CM LHr91fpiVlV7QlHZvq7lgHwRhh1vb1jb0cmi/DoWtX+ccVCcK8ExO+Joy2CAGHdTWsKt ENfN6BNlp5FaS+JUEQWPynbRdue8F2DGaqPJbrcYrq9NZTI9RzVudX1NoPSHtJ1DfdOb azBLTGFRGuC21Ps8xs/nzYwbzaI6bgJoiE/Oh7l+zzeKo1YR0IPg+g1nL6Ms6gxp4LVQ Igy+PR9nEAys34uj4YcuIKZh+5vOgu0hg035UDKSZT0nW0OY97e2wURO7wOLVQ4+sl+/ P3+Q==
X-Gm-Message-State: APjAAAW4vjeef1YOHsdyLJtSiFz+keVR3FlymttxpMJvDnDh7qqLSZmQ HZgJ9UnvzlYYnBs9sBjOovNG+f9abCCGSsC/JOA=
X-Google-Smtp-Source: APXvYqy2dCu71Uqjm6uCqW6BwB+kdkVE7Xi9WL2Gq3arGGMYVTHk9d0bQkQr8Nh7mLBUkE7ofxE3WC/frcS4q8RoExs=
X-Received: by 2002:a9d:6f09:: with SMTP id n9mr9047849otq.335.1562955366962; Fri, 12 Jul 2019 11:16:06 -0700 (PDT)
MIME-Version: 1.0
References: <> <> <1893230.9INSBCnb99@l5580> <>
In-Reply-To: <>
From: Seth Blank <>
Date: Fri, 12 Jul 2019 11:15:51 -0700
Message-ID: <>
To: "Kurt Andersen (b)" <>
Cc: Scott Kitterman <>, "" <>
Content-Type: multipart/alternative; boundary="00000000000072aeb4058d7fe73d"
Archived-At: <>
Subject: Re: [dmarc-ietf] Nonexistent Domain Policy was: Re: Working Group Last Call: draft-ietf-dmarc-psd
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Fri, 12 Jul 2019 18:16:17 -0000

On Fri, Jul 12, 2019 at 10:55 AM Kurt Andersen (b) <>; wrote:

> I am much more concerned with adding another tag that can only be used in
> a PSD-DMARC record. I would be much more open to make a "normative" change
> to the DMARC tag list (RFC 7489 section 11.4) to define np for any DMARC
> record, than to make this a special case for PSD-DMARC records.

I am also concerned with adding any new policy-related tags, due to the
confusion they create that limits adoption. However, a very clear case for
an NXDOMAIN policy has been made by UK NCSC for, and both .gov and
.mil have stated they also want this behavior. Others have shared similar
opinions privately.

Since PSD is an experiment, I think this is a fine place to test an np=
tag. If it gets usage, then we have a clear argument for it being a normal
tag for DMARCbis. If not, then it can be jettisoned altogether.

Adding this tag for PSD will simply need explanatory text in the
Experimental Considerations outlining this.