In article <ef1706f6-6ed5-f7dc-8c31-1c1e6270b...@quantopian.com> you write: >1) Most of the failure reports I've seen haven't included the message >body, they've only included the headers.
Depends who you get them from. The ones from Netease are just the headers, the ones from Linkedin give you the whole message. >2) The people receiving the failure reports aren't "total strangers." >They are either (a) the same people who run the email infrastructure (if >failure reports are handled internally), who are presumably authorized >to look at email headers while troubleshooting issues, or (b) >third-party data processors (to use the GDPR terminology), which are >permitted as long as how they are using the data is disclosed to users. They're sent to whoever some ruf= tag points to. I get all the failure reports for any message with one of my domains on the From: line, even if if was forged or a typo or a configuration error and nobody related to me sent it. Sounds like total strangers to me. R's, John _______________________________________________ dmarc-discuss mailing list dmarc-discuss@dmarc.org http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)