Issue 138 has been opened for this.
On Sat, Mar 16, 2024 at 5:35 PM Scott Kitterman <[email protected]> wrote: > Not sure if this is "significant" or not. > > I don't particularly like the title, but that's been that way for quite > some > time, so for WGLC, meh. > > The particular concern I have is with the text that was added right before > WGLC about multi-valued RFC5322.From fields. It includes the statement: > > > Such an approach might prove useful for a small number of Author > > Domains, but it is likely that applying such logic to messages with a > larger > > number of domains (as defined by each Mail Receiver) will expose the > > Mail Receiver to a form of denial of service attack, and so applying a > > negative disposition decision to the message may be the best course of > > action. > > In particular, the word "likely" seems a bit much. Additionally, I think > beyond the Domain Owner DMARC policy published in a DMARC record, I think > discussions about message disposition are outside the scope of this > document. > How about this instead: > > > Such an approach might prove useful for a small number of Author > > Domains, but it is possible that applying such logic to messages with a > > large number of domains (as defined by each Mail Receiver) will expose > the > > Mail Receiver to a form of denial of service attack. Limiting the > number of > > Author Domains processed will avoid this risk. If not all Author Domains > > are processed, then the DMARC evaluation is incomplete. > > I don't think we need to tell people what to do with such messages. I > think > this is enough. > > Scott K > > > _______________________________________________ > dmarc mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/dmarc > -- Todd Herr | Technical Director, Standards & Ecosystem Email: [email protected] Phone: 703-220-4153 This email and all data transmitted with it contains confidential and/or proprietary information intended solely for the use of individual(s) authorized to receive it. If you are not an intended and authorized recipient you are hereby notified of any use, disclosure, copying or distribution of the information included in this transmission is prohibited and may be unlawful. Please immediately notify the sender by replying to this email and then delete it from your system.
_______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
