Re: [dmarc-ietf] ARC vs reject

Dave Crocker <> Sat, 05 December 2020 23:24 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 5D1823A0E62 for <>; Sat, 5 Dec 2020 15:24:21 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.099
X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, NICE_REPLY_A=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id EnLl8l9a1Ukw for <>; Sat, 5 Dec 2020 15:24:20 -0800 (PST)
Received: from ( [IPv6:2607:f8b0:4864:20::432]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 1C2703A0E60 for <>; Sat, 5 Dec 2020 15:24:19 -0800 (PST)
Received: by with SMTP id f9so5825177pfc.11 for <>; Sat, 05 Dec 2020 15:24:19 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=subject:to:references:from:message-id:date:user-agent:mime-version :in-reply-to:content-transfer-encoding:content-language; bh=j3eqkB9yAkukOffgtxx8Y0F8RQ26ov27rnR9YLAe4Gg=; b=tLy+XgffrK6MhZGskc2upjEkm6CcXMRDhJwkQpqpQAR9tE3j637dRCqLhwUijm24et VtS/IWln65nTEVDQ60D2FGgPwxLlU8Vzu59qD90tepzNORHSHWRcPJS2jWBkVJVRctp/ shnJV49Mzjs2DIl/fNc41+lOzaKW8Nw078bZzngy55WSa44JysWlMa9H4/yH4chYqXnW ROIopAuy9wTOEepo2JUkY05LXScef3UVvBY9Tng8PqwiWPBITuu0P9GEEQJTUgqDD/bX tp0fwH2RRwmbnjxlEBZXWkMSBPf6nt4p3UeG9Lj43otZp+mJkRP2fBq1BU3i0sd8C4Yn ytgw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=x-gm-message-state:subject:to:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-transfer-encoding :content-language; bh=j3eqkB9yAkukOffgtxx8Y0F8RQ26ov27rnR9YLAe4Gg=; b=ZEwDuTSk9vQ07XCx22TweoDvRaB8kLYtcLHRBhgs049d+JtXfmTVlF/peyduL3MLU6 aavyQJtT8NYHJw/qnligBcA6C+wdI6+044IyBJ3bcG9rh9OY/abBiXTreSN9qEgcOaV4 yti60dmUjbvIVMpQNVQYL2ygrLVuvZtXwQxPMuyoeLJNonFZaN0P7VGX415W3ohyUG5M 6xf+7DfUTkh8Na7ZXAJ4PNm0F0aRvXNbhOrG05sYGt9+YWdIo7R5gZqsi+t/6GKUeXyC Oeb76tnc+aYpwYMAIMvkwq0Hzhw+N8feDWJazlWbWKBR7X+I75M/SLIyPXtiDlgwjWNx CD6g==
X-Gm-Message-State: AOAM5301iYisJQbS9BmE/FIf6q9m8b6Ir+ytvEgLKDI5dl59jKei6YWe fWBcbtYgT/lheV1yIZ7LlLJ8kGesMX4=
X-Google-Smtp-Source: ABdhPJyEq157jMc8gJoHJK1BT/5iKGUvh7wp94eEpbkaSbqCfofHG8xm57p22fwgevIxb3KF1+WM2Q==
X-Received: by 2002:aa7:8a88:0:b029:19d:8f05:b7a6 with SMTP id a8-20020aa78a880000b029019d8f05b7a6mr9980534pfc.39.1607210659173; Sat, 05 Dec 2020 15:24:19 -0800 (PST)
Received: from [] ( []) by with ESMTPSA id t22sm14990994pja.1.2020. (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Sat, 05 Dec 2020 15:24:18 -0800 (PST)
To: Michael Thomas <>, John Levine <>,
References: <20201205231059.2BA23290EDCD@ary.qy> <>
From: Dave Crocker <>
Message-ID: <>
Date: Sat, 5 Dec 2020 15:24:17 -0800
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101 Thunderbird/78.5.1
MIME-Version: 1.0
In-Reply-To: <>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Content-Language: en-US
Archived-At: <>
Subject: Re: [dmarc-ietf] ARC vs reject
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Sat, 05 Dec 2020 23:24:21 -0000

On 12/5/2020 3:15 PM, Michael Thomas wrote:
> Can you keep your contempt for me off this list? This is not even 
> responsive to what I wrote, and is nothing more than an ad hominem.

Wow. It wasn't an ad hominem.  His response followed the exact form that 
was established in your note, in the way the requirement/expectation was 
specified. If you didn't want that form used, don't use it.

In any event...

There is a fundamental flaw in the publisher of a dmarc record thinking 
they have any rights or expectations about how a receiver will choose to 
handle a dmarc failure.  It's fine for the publisher to offer their own 
assessment of what the failure means to them.  It is not fine for the 
publisher to pretend to tell the receiver what to do about it.

Even having a publisher's assessment be cast as 'advice' sets up the 
false expectation that the receiver should believe and care about that 
assessment.  Some might.  Others don't.  Talking about a receiver 
'overriding' DMARC policy exemplifies this false and inappropriate 


Dave Crocker

Volunteer, Silicon Valley Chapter
American Red Cross