On Fri, 27 Oct 2017 14:43:30 +0200 Reindl Harald wrote: > Am 27.10.2017 um 13:54 schrieb RW: > > On Thu, 26 Oct 2017 01:33:20 -0400 > > Rupert Gallagher wrote: > > > >>> The DMARC standard says that EITHER (only takes one) SPF must pass > >>> and > > > >> The relevant DNS R allows requiring both SPF and DKIM must pass, > >> which is what we do in our own setup. > > > > Where in the RFC does it say that? > > he don't care about any RFC at all > > https://mail-archives.apache.org/mod_mbox/spamassassin-users/201702.mbox/%3cFWrFLZkuFusFwGACSDfdusz_HyPSrPgPw0RsXDHGKfnF2_1kiGm3G7nRvDBvEHCtszfXRDuDEP8RWKODak5w6wOEOr9EykDW03LqRGBR4hc=@protonmail.com%3e > > https://mail-archives.apache.org/mod_mbox/spamassassin-users/201702.mbox/%3cX9QVYmPc6XlSTm1JzXZ-J3Stw44aCmzDx9f9V-RVIoAw2wnHO5rfo0eOdtHnsJCFPBrkMr3yN4F5_GViYWxBnQB0J_sFhulAHDr27JbAcS8=@protonmail.com%3e
In this case I suspect that he's was confused by the DMARC record option to: "Generate a DMARC failure report if any underlying authentication mechanism produced something other than an aligned "pass" result." which is just a diagnostic feature.
