I'm seeing a report where the XML contains two SPF records within a single auth_results entity. This doesn't seem correct. I found this thread: http://lists.dmarc.org/pipermail/dmarc-discuss/2016-April/003474.html and it says it's a bug, though, I'm a bit surprised (guess I probably shouldn't be) that this is still happening. Is there some part of the RFC that makes this appear like it's a legitimate report that could be misconstrued? Is this something that should perhaps be clarified?
<auth_results> <dkim> <domain>email.peacocktv.com</domain> <result>pass</result> </dkim> <spf> <domain>bounce.email.peacocktv.com</domain> <result>pass</result> </spf> <spf> <domain>mta-218-134.sparkpostmail.com.</domain> <result>none</result> </spf> </auth_results> Thanks -- Alex Brotman Sr. Engineer, Anti-Abuse & Messaging Policy Comcast _______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc