On Mon, Oct 28, 2024 at 01:38:03AM +0000, Dave Crocker wrote:
> DMARC, DKIM and SPF are all completely outside of the email transport
> protocol specification. They are very much IN scope for a broader
> discussion of email as a service. But that's a different goal.
Given that SMTP is a hop-by-hop transmission protocol, while DKIM, DMARC
and SPF attempt to address (to various degrees, and with various known
drawbacks) end-to-end authentication of message origin. Description or
mention of those particular protocols is not IMHO a good fit for the
SMTP transport standard.
RFCs relevant to SMTP transport security include RFC 3207 (SMTP
STARTTLS), RFC 7672 (DANE SMTP) and RFC 8461 (MTA-STS hack).
In particular, at least from Gmail's vantage, RFC3207 adoption is has
come a long way since 2013, with STARTTLS now covering ~98% of traffic:
https://transparencyreport.google.com/safer-email/overview?encrypt_out=start:1356912000000;end:1730159999999;series:outbound&lu=encrypt_in&encrypt_in=start:1356912000000;end:1730159999999;series:inbound
But that's on the public Internet, and perhaps biased by GMail's traffic
going substantially to other similar providers. Inside private networks
the numbers are liable to be quite different.
--
Viktor.
--
last-call mailing list -- last-call@xxxxxxxx
To unsubscribe send an email to last-call-leave@xxxxxxxx
