According to Damian Lukowski <[email protected]>: >-=-=-=-=-=- > >DMARCbis38 states > >> DMARC operation is predicated on the input being a valid RFC5322 >> message object. For non-compliant cases, handling is outside of the >> scope of this specification. > >RFC5322.From can be valid and still have no author domain information. >RFC7489 section 6.6.1 at least stated > >> Messages with an RFC5322.From field that contains no meaningful >> domains, such as RFC 5322 [MAIL]'s "group" syntax, are typically ignored. >So, ignore instead of fail or pass. What should DMARCbis verifiers do?
If there's no domain to validate, there's nothing to pass or fail, so I'd say ignore remains the reasonable action. The only question that DMARC addresses is whether the use of the domain in the From: header is authorized. If there's no domain, there's no question to answer. In practice, how common are messages with no domain in the From header? I don't recall seeing any and I would expect that if there are any, they're all spam that would get filtered for other reasons. R's, John -- Regards, John Levine, [email protected], Primary Perpetrator of "The Internet for Dummies", Please consider the environment before reading this e-mail. https://jl.ly _______________________________________________ dmarc mailing list -- [email protected] To unsubscribe send an email to [email protected]
