disparate cases of it that we may be missing something bigger, and if so,
doing something defensive in the specification would be prudent. There's
smoke here, and there may be fire.
Will report back.
Examining my report folder, I note I'm sending one-liner aggregate reports to
domains I never wrote to. The pattern is their sending me feedback for one
or more mailing list posts, followed by my one-liner acknowledging their
report later on the same day or on the next day, depending on their sending
time.
That's not a "loop", it's the way that DMARC reports work.
While this is a minor problem for aggregate reports, it can be a real problem
for naive failure reports generators. Juri reported he had to target a
specific address, attributing the loop to a remote misconfiguration.
However, if it is possible to screw up authentications, the probability to
meet a loop is just its square, times the number of generators.
If the authentication is screwed up, sending a failure report is exactly
the right thing to do. That's what they're for.
I think we should close this. DMARC is working the way it is supposed to,
and people don't want to get reports about their reports, there are
obvious ways to prevent them, like not sending unaligned reports, or
sending reports from a domain that doesn't get reports back.
Regards,
John Levine, [email protected], Taughannock Networks, Trumansburg NY
Please consider the environment before reading this e-mail. https://jl.ly
_______________________________________________
dmarc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dmarc
