For the past couple of years, the email authentication community has been talking about “DMARCbis.” That name is now officially obsolete, as the updates to the DMARC specifications previously encapsulated in the details of DMARCbis have now been published as three new, separate, and official “Request For Comment” (RFC) internet specification documents.
These updated DMARC specifications have forma...
The DMARC updates reflect a pragmatic evolution in email authentication, driven by real-world friction points rather than theoretical idealism. The shift from the PSL to DNS tree walking is a notable improvement, reducing reliance on an external list designed for a different purpose (browser security) and making domain boundary detection more deterministic. This change aligns with a broader trend in internet protocols: moving away from centralized, manually curated lists toward decentralized, al...