This is not true. You must DKIM sign your DSN. As long as one authentication mechanism passes and is aligned then DMARC passes.
>From your example, DKIM pass and is aligned, therefore DMARC should have passed. I feel you found a bug in the DMARC library of the recipient. For info, we are aware of the SPF case re DSN and DMARC, and this will be addressed. On 8/29/12 1:43 PM, "Andreas Schulze" <[email protected]> wrote: >Am Mi, 29.08.2012, 22:31 schrieb Franck Martin: >> What is the content of the From: header? And are you relaxed or strict? >From: "MAILER-DAEMON" <[email protected]> > >I suppose relaxed mode: ># dig _dmarc.mout.andreasschulze.de. txt +short >"v=DMARC1\; p=reject" > >But I just learned, that dmarc could never pass for a domain only sending >delivery status notifications because RFC5321.From is empty. >So I will change the Record to "v=DMARC1; p=none" > >Andreas > _______________________________________________ dmarc-discuss mailing list [email protected] http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)
