Hello, Am Donnerstag, dem 14.01.2021 um 01:22 -0800 schrieb Steven M Jones: > On 1/13/21 20:29, Murray S. Kucherawy wrote: > > > > How are implementers dealing with forensic report loops? > > The question of whether such a thing is actually ever seen in the > wild > should be asked, if only to document that it was asked and answered. > See > prior "this is a vanishingly small number who cares" discussions.
Imagine a case, where two sites sending forensic reports on failures exchange messages and the one site is misconfigured: on each received forensic report it sends a bounce, which bounce does not DMARC-align. This the same problem as with a misconfigured site sending Aggregate reports, but does happen once a second, not once a day. By sending reports with return-path:<> you prevent the misconfigured recipient of the report to generate a bounce, which bounce must DMARC-align, but does not DMARC-align. I want to remind on real-world cases addressed on this mailing list • On 25 May 2019 with Subject “Is there any recommendation to send DMARC message-specific failure reports FROM:<>”? • On 31 May 2019 with Subject “Endless Email Loops with Aggregate Reports” • On 4 JUne 2019 with Subject “Endless Loops with DKIM reports” which addresses reporting per “RFC 6651 Extensions to DKIM for Failure Reporting” - this is not much different than forensic reports that lead to https://trac.ietf.org/trac/dmarc/ticket/30 “Endless Email Loops with Aggregate Reports”. I have not read the thread “Ticket #28 - Failure report mail loops”. A possible approach is not to send failure reports for messages received on the address for accepting aggregate/forensic reports. These messages shall just be excluded from all calculations. Does anybody compare the number of messages sent from her host1 to the host2 of somebody else, with the number of reported messages in the aggregate report? If the numbers do not match, does somebody apply negative spam weights for host2? Greetings Дилян _______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
