Hello Validimir, the point is that answers can be sent to the (DKIM) report and receiving the answers can trigger sending a new report to the address published in DNS.
Empty return path prevents sending an answer to the report. What to do if a site sends a report that does not validate DMARC/DKIM, then a new (reverse) report by the other host is sent and this report again does not validate DMARC/DKIM, so it triggers a new report? This is a concern of improperly configured site pairs. The target for the recommendation to use MAIL FROM:<>/NOTIFY=NEVER are properly configured sites, that deal with improperly configured sites. Regards Дилян On June 4, 2019 2:48:32 PM GMT+03:00, Vladimir Dubrovin <dubro...@corp.mail.ru> wrote: > >Reports are not sent to Return-Path address, empty return path does not >prevents report from being sent. Actually, report with empty >envelope-from has higher chances to generate a reverse report, because >in this case SPF is checked against HELO and, in practice, many seders >do not have SPF configured for HELO name and SPF failure can trigger a >report. > >04.06.2019 12:41, Dave Crocker пишет: >> On 6/4/2019 11:27 AM, Дилян Палаузов wrote: >>> A DKIM failure report is sent, on which a bounce is generated >> >> The rule for mail-handling notification messages has been that they >do >> not contain a return address, in order to avoid looping. Shouldn't >> that apply to DMARC reports, too? If not, why? >> >> d/ >> > >-- >Vladimir Dubrovin >@Mail.Ru
_______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
