On Wed, 24 May 2017, Dave Crocker wrote:
Unless there is a very compelling need for multiple A-R header fields -- and I don't think I've seen that asserted -- then the simplest thing is to declare them illegal and any occurrence of them as invalidating the authentication mechanism(s).
There's two things going on here. One is the A-R headers added as an incoming message is recieved, the other is the ARC-Authentication-Results added by ARC. Personally, I agree with you that there's no reason to allow duplicates of either (it took me about a day to write the mailfront plugin that checks SPF, DKIM, and DMARC and adds one A-R header, and I'm not that good a programmer), but the horse seems to have left the barn for A-R and a lot of sloppy code adds multiple headers for the same message hop.
On the other hand ARC-Authentication-Results is new, and we can certainly say there's only one of those.
Really. The goal here needs to be to make this a simple as possible. It's the only way to get large scale support that interoperates well.
Agreed. Regards, John Levine, [email protected], Taughannock Networks, Trumansburg NY Please consider the environment before reading this e-mail. https://jl.ly _______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
