On Fri 29/Aug/2025 19:02:56 +0200 Dotzero wrote:
I do have some thoughts on the use of message-id to identify the original (intended) recipient of the rejected message. Only the originator of the message could match the message-id back. This means any redaction of PII protects privacy but still allows the originator of the message to do analysis. I believe that any discussion of these types of approaches is better left for a BCP.
I assume you're thinking this applies to the case where the reported message header was redacted in such a way as to hide any To:/Cc:/Bcc: values. I agree using Message-Id: would be clever, allowing for heavy redaction —indeed, one could omit the third MIME part altogether. But does anyone actually redact the reported message?
Privacy aside, RFC 5965 provides for having "Original-Rcpt-To" fields in message/feedback-report. Linkedin uses them. Currently, Original-Rcpt-To's are missing from the example in Appendix A. I'll add some.
Best Ale -- _______________________________________________ dmarc mailing list -- [email protected] To unsubscribe send an email to [email protected]
