[dmarc-discuss] multiple from

Murray Kucherawy msk at fb.com
Wed Jul 17 09:40:48 PDT 2013


On 7/16/13 8:46 PM, "Roland Turner" <roland.turner at trustsphere.com> wrote:
>Any time an RFC and reality diverge, it it the RFC that is
>reality-ignorant, not reality that is RFC-ignorant.
>
>If it happens that the DMARC specification reflects reality better than
>existing RFCs - even standards track ones - then once again, it is those
>RFCs that are in error, not the DMARC specification.

I don't agree with the first generalization.  RFCs specifying the format
of an Internet message have existed for a really long time.  It's reality
that decided to diverge, largely out of laziness: Email generating code
would be sloppy and cut corners, and user pressure caused mail submission
agents and other services to tolerate it rather than be strict about it.
We're left with a system where lots of software now supports the lazy
implementations.

There's a draft making its way through the IETF now that describes this
situation, pleads with software to become strict once again, and then goes
into a list of common malformations and provides advice about how to
handle or interpret them.  But even that advice about safe handling
doesn't render those messages compliant; they are still broken.

DMARC's acknowledgement of reality doesn't make those RFCs wrong, nor does
it excuse various components' lax enforcement of the rules.

-MSK




More information about the dmarc-discuss mailing list