[opendmarc-dev] multiple from issues
Andreas Schulze
sca at andreasschulze.de
Tue Jul 16 06:09:13 PDT 2013
Hi all,
Time to break the silence on opendmarc-dev :-)
Today I sent messages with a strange but valid RFC5322.From:
From: <user at paypal.com>, <user at web.de>
To honor RFC5322 I added a "Sender: <user at web.de>"
paypal has a dmarc-record p=reject, web.de don't know spf/dkim/dmarc at all.
The mail is forged and expected to not pass dmarc. And my opendmarc
really found a forged message:
Jul 16 14:36:30 ergeht opendmarc[2402]: 3bvh1T4cFYz52Hn: paypal.com fail
I set "RejectFailures yes" in opendmarc.conf so the message was rejected.
But the reject reason mention the second domain (web.de):
Jul 16 14:36:30 ergeht postfix/cleanup[2610]: ... 5.7.1 rejected by
DMARC policy for web.de; ...
Looks like opendmarc could be "optimized" when parsing RFC5322.From
and handle RFC5322, Section 3.6.2 correct.
I also changed the From line to "From: <user at web.de>, <user at paypal.com>"
The message was no longer blocked although it don't pass dmarc.
Multiple From are nice but add only unnecessary complexity today.
Will be a funny discussionpoint in Berlin...
Andreas
More information about the opendmarc-dev
mailing list