While revising the interop document, I am adding a note about the situation with multiple domains in a syntactically correct RFC5322.from header (section 6.6.1). The last paragraph of that section reads: > > The case of a syntactically valid multi-valued RFC5322.From field presents > a particular challenge. The process in this case is to apply the DMARC > check using each of those domains found in the RFC5322.From field as the > Author Domain and apply the most strict policy selected among the checks > that fail.
I realize that an earlier statement in the section defines the actual handling to be implementation dependent, but it's not clear to me how the advice in the last paragraph would really be applied. Say for example that a message is received with two domains in the RFC5322.from: test1.example and test2.example. If test1.example fails to have an aligned, authenticated identifier but specifies p=reject while test2.example *does* have an aligned, authenticated identifier, then it seems to me that the message receives a DMARC pass evaluation and the policy for test1.example is irrelevant since p=reject doesn't apply to a message that passes DMARC. Am I misunderstanding the recommended algorithm? --Kurt Andersen
_______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
