How are implementers dealing with forensic report loops? Say I send a message from X to Y, whose DKIM signature fails. Y sends me back a forensic report, whose DKIM signature also fails. X sends a forensic report to Y, whose report fails, etc. We need a way to break the loop.
As I recall, email routing loops are broken by simply counting the Received fields, but a given forensic report is a new message each time, so a mechanism like that won't work. Off the top of my head, a few options: 1) a new header field indicating "This is a forensic report, don't generate a forensic report about it." 2) some kind of token that's always in the Subject field of a DMARC forensic report. 3) always generate forensic reports as the null sender, and specify that forensic reports should never be generated in response to the null sender 4) something else? -MSK
_______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
