On Sun, Feb 4, 2024 at 5:25 AM Alessandro Vesely <ves...@tana.it> wrote:
> > What do we think has changed since then that warrants reconsidering that > > position? Have we started to see multi-value From attacks? > > A DMARC filter has to do something when it sees a multi-value From:. Why? It hasn't so far (i.e., ~10 years). What's the evidence that we have something to fix here? That is, why is Section 6.6.1 of RFC 7489 suddenly inadequate? AFAIK, we > just anticipated such attacks. Their becoming trendy depends on how DMARC > filters are going to be implemented. The latter, in turn, depends on how > we > specify DMARC. > Is it just me, or does that sound like a circular dependency graph? We'll never finish if we're prepared to say we're willing to wait for that to resolve before deciding what should be in DMARC. Another concern is how acceptable it is to specify a standard which does > not > admit input which is perfectly valid according to a lower layer standard. > Are > they conflicting? > I would argue that they are not. DMARC can assert that it only acts on a profile of the layers below it, and anything outside of that profile is simply not within scope. If you as a receiver don't like the possible gap that creates, you're free to do something about it, but you're not doing so under any normative guidance from DMARC. -MSK, participating
_______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
