In article <[email protected]> you write: >OLDER: > These reports SHOULD include the "call-to-action" URI(s) from inside > messages that failed to authenticate.
Well, you can guess where that came from. >NEW: > These reports SHOULD include as much of the message and message header > as is reasonable to support the Domain Owner's investigation into what > caused the message to fail authentication and track down the sender, > unless privacy reasons suggest otherwise. I'd strip it down more. These reports should include as much of the message header and body as possible, consistent with the reporting party's privacy policies, to enable the Domain Owner to diagnose the authentication failure. The "should" is deliberately lower case since it's not something you can describe mechanically. R's, John _______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
