On Fri, Jan 19, 2024 at 10:55 AM Dotzero <dotz...@gmail.com> wrote:
> The problem with relying on the Sender header is that unless a Sender > header matches the right hand side (domain) of the email address in the > From field, you can't tell if there is a legitimate relationship between > Sender and From. > > I think the correct approach is for DMARC to recognize this is a very tiny > corner case that very rarely shows up in the real world and ignore it. > As an individual, I concur. DMARC is about aligning authentication to the domain in the From. This doesn't make sense / gets far more complicated if there are multiple domains in the From. My two cents, loosely held: I think it's best to explicitly carve out, not as a corner case, but as something explicitly disallowed. The same way multiple DMARC records means no DMARC record, multiple Froms in a message should mean that no DMARC PASS can be generated. Seth > Michael Hammer > _______________________________________________ > dmarc mailing list > dmarc@ietf.org > https://www.ietf.org/mailman/listinfo/dmarc > -- *Seth Blank * | Chief Technology Officer *e:* s...@valimail.com *p:* This email and all data transmitted with it contains confidential and/or proprietary information intended solely for the use of individual(s) authorized to receive it. If you are not an intended and authorized recipient you are hereby notified of any use, disclosure, copying or distribution of the information included in this transmission is prohibited and may be unlawful. Please immediately notify the sender by replying to this email and then delete it from your system.
_______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc