I see no conflict. A domain with DMARC enforcement asserts that it sends only authenticated messages. Since multiple-From messages cannot be fully authenticated, such messages are inconsistent with the domain owner's stated practices Therefore, the domain owner's published Failure disposition recommendation is applicable.
For all messages, the evaluator has no obligation to accept or reject any message, and can do so based on any criteria that suits his purposes. There is nothing in RFC5322 that requires a message to pass authentication. Any decision to reject a message based on lack of authentication becomes a matter of local policy. Doug On Sun, Feb 4, 2024 at 8:26 AM Alessandro Vesely <ves...@tana.it> wrote: > On Sat 03/Feb/2024 21:44:42 +0100 Murray S. Kucherawy wrote: > > On Sun, Jan 28, 2024 at 5:40 AM Alessandro Vesely <ves...@tana.it> > wrote: > > > >>> I think this point about alignment of Sender is definitely correct, > >> > >> Let's also recall there was a proposal to consider Sender: anyway. > > > > And also let's recall that the community has previously rejected the > idea > > of involving Sender in DMARC evaluations. Some text about why can be > found > > in DMARC itself, i.e., RFC 7489, Appendix A.3. > > > Sorry I reconsidered that possibility. It was after Todd recalled that > multi-valued From: require Sender:. Please forget it. I agree DMARC > doesn't > need to consider Sender:. > > > > What do we think has changed since then that warrants reconsidering that > > position? Have we started to see multi-value From attacks? > > > A DMARC filter has to do something when it sees a multi-value From:. > AFAIK, we > just anticipated such attacks. Their becoming trendy depends on how DMARC > filters are going to be implemented. The latter, in turn, depends on how > we > specify DMARC. > > Another concern is how acceptable it is to specify a standard which does > not > admit input which is perfectly valid according to a lower layer standard. > Are > they conflicting? > > > Best > Ale > -- > > > > > > _______________________________________________ > dmarc mailing list > dmarc@ietf.org > https://www.ietf.org/mailman/listinfo/dmarc >
_______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
