What is the IETF and how can you follow RFC discussions?
Still have a question, spotted an error, or have a better explanation or a source we should cite?
If you've ever wondered why Gmail suddenly started rejecting emails without DMARC, or why SPF has a 10-lookup limit that feels oddly arbitrary, the answer usually traces back to a document called an RFC. And those RFCs come from the IETF (Internet Engineering Task Force), the group that quietly shapes how email works at a technical level.
The IETF is an open, volunteer-driven standards body. It doesn't write laws or set policies. It publishes RFCs (Request for Comments) that define technical protocols. SPF lives in RFC 7208. DKIM in RFC 6376. DMARC in RFC 7489. When those documents get updated or replaced, the behavior of mail servers everywhere eventually shifts to match.
The work happens inside working groups, each focused on a specific area. For email senders, the ones worth knowing are:
- DMARC WG (dmarc@ietf.org mailing list). Produced the DMARC spec and is still active on extensions like ARC (Authenticated Received Chain) and DMARC reporting improvements.
- EMAILCORE WG. Working on core email protocol maintenance, including updates to RFC 5321 (SMTP) and RFC 5322 (message format).
- SPAMOPS. Focused on operational practices around spam prevention. More practitioner-facing than protocol-deep.
To follow discussions without drowning in noise, here's a practical path.
- Use the IETF Datatracker (datatracker.ietf.org) to search for active drafts by keyword (try "DMARC", "email authentication", "ARC"). You can see the full revision history of any draft and who commented on it.
- Subscribe to the mailing list for one working group that matters to your work. The DMARC WG list is a good starting point. Traffic is moderate and the discussions are concrete. You can subscribe at mailman.ietf.org.
- Watch for "Last Call" notices. That's the public comment period before a draft becomes an RFC. It's the window where outside feedback genuinely influences the final document.
- Check the IETF blog and meeting notes if you don't want to wade into raw mailing list threads. IETF holds three plenary meetings a year and publishes summaries.
You don't need to be a protocol engineer to follow this stuff (though it helps). Reading a handful of mailing list threads per month gives you early warning when something is about to change. That's the real value. You're not there to debate TCP internals. You're there to notice when the DMARC spec is about to require something your stack doesn't currently support.
If you want to go further and actually contribute feedback to a draft, there's a separate answer on contributing to standardization initiatives that walks through how to do that without needing to be an IETF member.
Contributors
Who worked on this answer
Every name links to their profile. Every company links to their site. Real people, real accountability.