[dmarc-discuss] multiple from

Franck Martin fmartin at linkedin.com
Tue Jul 16 08:20:32 PDT 2013



On Jul 16, 2013, at 8:02 AM, Andreas Schulze <sca at andreasschulze.de> wrote:

> Am 16.07.2013 09:31 schrieb Tim Draegen:
>> On Jul 16, 2013, at 9:19 AM, Andreas Schulze <sca at andreasschulze.de> wrote:
>> This section of the spec mentions multiple Froms, it's a tricky thing:
>> 	http://tools.ietf.org/html/draft-kucherawy-dmarc-base-01#section-10.1
>> 
>> About the Sender: header:
>> 	http://tools.ietf.org/html/draft-kucherawy-dmarc-base-01#appendix-A.3
> 
> Hm. tomatoes on my eyes ...
> Thanks, Tim!

In my experience, I have seen multiple email address in the From: with badly configured bounces, or display attack, or a repetition in the display part of the email address.

While people speak it is in the RFC to have multiple emails in the From, it is hard to catch a real use case in the wild.

I found it simpler to disallow it (unless it is the same domain which is repeated cf bugs above)

I found more troubling that the IEA spec allows now to not put an email address in the From: something like undisclosed-sender;




More information about the dmarc-discuss mailing list