I'm seeing a report where the XML contains two SPF records within a single
auth_results entity. This doesn't seem correct. I found this thread:
http://lists.dmarc.org/pipermail/dmarc-discuss/2016-April/003474.html and it
says it's a bug, though, I'm a bit surprised (guess I probably shouldn't be)
that this is still happening. Is there some part of the RFC that makes this
appear like it's a legitimate report that could be misconstrued? Is this
something that should perhaps be clarified?
<auth_results>
<dkim>
<domain>email.peacocktv.com</domain>
<result>pass</result>
</dkim>
<spf>
<domain>bounce.email.peacocktv.com</domain>
<result>pass</result>
</spf>
<spf>
<domain>mta-218-134.sparkpostmail.com.</domain>
<result>none</result>
</spf>
</auth_results>
Thanks
--
Alex Brotman
Sr. Engineer, Anti-Abuse & Messaging Policy
Comcast
_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc
