> On Jan 19, 2024, at 10:19 AM, Todd Herr > <todd.herr=40valimail....@dmarc.ietf.org> wrote: > > > Perhaps the way forward for DMARC is to look for a Sender header when there > is more than one RFC5322.From domain and use that for DMARC processing, with > the stipulation that messages that don't contain such a Sender header are > invalid and should be rejected?
Todd, +1 I like this idea. The 5322.Sender is required for a 2+ address Mailbox-list. https://www.ietf.org/archive/id/draft-ietf-emailcore-rfc5322bis-09.html#section-3.6.2 This also feeds an RFC5322 validator with a new rule to make sure Sender exist for a 2+ address mailbox-list and also open the door to using Sender for DMARC purposes and if you could, reference RFC5322 section 3.6.2 In the name of integration and codification of layered protocols, since RFC5322bis is still active, perhaps it can revisit the 5322.From ABNF and/or have something more strongly to say about it regarding 2+ address mailbox-list. Perhaps it should be deprecated. It would better match the current DMARCBis semantics and security-related concerns on 5322.From with multiple addresses. All the best, Hector Santos
_______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
