On 6/9/2014 2:01 AM, Matt Simerson wrote:

I also fail to see how this is a security issue.

Agreed. It's *really* easy to filter and block delivery
for non-existent domains.


That is exactly what will be required to mitigate and close this new security hole.

  if mail.from.tld is ".invalid" then
     reject it, or
     accept and discard, or
     accept and quarantine

Then it won't be a potential security problem any more. We went through this same issue with DKIM and its Multiple From headers security hole.


--
HLS


_______________________________________________
dmarc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dmarc
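
The filter rule sketched in the message above, as an added Python example that is not part of the original post. The names `tld` and `classify` are hypothetical. The example assumes that "mail.from" covers both the From header and the envelope sender, and that a message with anything other than exactly one From header is refused before the TLD check.

```python
from email import message_from_string
from email.utils import getaddresses

ACTIONS = {"reject", "discard", "quarantine"}  # the three options in the post


def tld(addr):
    """Lower-cased last label of the address's domain, '' if there is none."""
    if "@" not in addr:
        return ""
    domain = addr.rpartition("@")[2].rstrip(".").lower()
    return domain.rpartition(".")[2]


def classify(raw, envelope_from="", action="reject"):
    """Return (verdict, reason) for one raw message."""
    if action not in ACTIONS:
        raise ValueError("unknown action: %r" % action)
    from_headers = message_from_string(raw).get_all("From", [])
    # Assumption of this example: anything but exactly one From header is
    # refused outright, so a second From cannot hide from the TLD check.
    if len(from_headers) != 1:
        return "reject", "%d From headers" % len(from_headers)
    candidates = [addr for _, addr in getaddresses(from_headers)]
    candidates.append(envelope_from)  # assumed to come from the SMTP session
    for addr in candidates:
        if tld(addr) == "invalid":
            return action, "sender domain under .invalid: " + addr
    return "accept", "no .invalid sender domain"


# Constructed sample messages, not taken from the thread.
GOOD = "From: Alice <alice@example.org>\nSubject: hi\n\nbody\n"
REWRITTEN = "From: Alice <alice@lists.Example.INVALID>\nSubject: hi\n\nbody\n"
TWO_FROM = "From: a@example.org\nFrom: b@example.invalid\n\nbody\n"

if __name__ == "__main__":
    for name, raw in (("good", GOOD), ("rewritten", REWRITTEN),
                      ("two-from", TWO_FROM)):
        print(name, classify(raw, action="quarantine"))
```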
