On Tue, Sep 2, 2025 at 3:43 PM Dotzero <dotz...@gmail.com> wrote: > > > I've been thinking about the potential problem space you describe, Todd. > The question in my mind is whether the problem is the size of a slice of > bread, a loaf of bread or the size of a bread truck. My experience > inclines me to believe this is not even a slice of bread. Ale points out in > many cases the account may not exist. Much of the mail involved is spam. > For the most part, when it involves a real recipient we are talking email > address and possibly name. How frequently do legitimate individuals or > organizations send email using a domain that is not their own? Very rarely. > I just don't see this issue at a scope or scale that even makes it a > rounding error. > > I'm dubious about the claim that a DMARC failure report would be generated in response to an email sent to a non-existent address; I would expect such messages to be rejected at RCPT TO, with no opportunity for the receiving domain to even evaluate DMARC at that point, let alone generate a failure report, because there'd be no DATA command and no RFC5322.From header transmitted.
> The problem is with someone sending mail from a domain they don't have > permission to use. > > Respectfully, the problem is with someone sending mail from a domain they don't have permission to use to an address that the domain owner (i.e., the report consumer) may or may not have knowledge of, but for the sake of argument, let's limit the problem description to just unauthorized use of a domain, regardless of the recipient address... What value is there in sharing the recipient's address with the domain owner, then? The message didn't transit the domain owner's servers, and so the recipient address is worthless for using as a key to search logs for the problem message, so why bother reporting it? -- Todd Herr Some Guy in VA LLC t...@someguyinva.com 703-220-4153
_______________________________________________ dmarc mailing list -- dmarc@ietf.org To unsubscribe send an email to dmarc-le...@ietf.org
