On 1/20/21 1:37 PM, John Levine wrote:
In article <[email protected]> you write:
A little off topic, but is there any normative text in DMARC about the
authenticity of the reporting?
See section 7.2.
Sorry, I'm not seeing it.
It seems like there ought to be normative
text that the report should have a valid DKIM signature from the domain
reporting.
I've been getting DMARC reports for nearly a decade and do not ever
remember getting one that looked fake. What would be the point? I
don't see this as a problem that needs solving.
What could possibly go wrong has an extremely poor track record. In the
case of email it's an easy fix.
Mike
_______________________________________________
dmarc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dmarc
