On Sat, Jul 15, 2017 at 10:27 AM, Juri Haberland <[email protected]> wrote:
> On 15.07.2017 09:20, Kurt Andersen wrote: > > > It seems like there is another problem here if OpenARC is trying to take > a > > "foreign" A-R header and suck it into being "your" AAR header. The only > > auth results that should ever be trusted is the one you create (per > > RFC7601). > > OpenARC parses all A-R headers and reads them into a structure - one by > one. After an A-R header is parsed, the AuthServID is compared and if it > matches, the parsed A-R header is further used - else it is ignored. > > So no problem here. > > Juri > But if the parsing fails, then it was hanging and causing message deferral, even if the AuthServID would have disqualified that header from being used further? --Kurt
_______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
