On 14 June 2017 at 20:33, Mark Milhollan <m...@pixelgate.net> wrote: > I don't have a strong opinion as to the alert Gmail provides when a > message has the From header matching the To header, though it seems to > me most of the time it would result in an SPF failure (whether soft or > hard) and so be problematic. I've done this a few times but always > between machines that would pass SPF checks. >
In my test messages SPF and DKIM are both PASS beause the mail from / return-path are on a third domain (that also signed by DKIM). So DMARC fails because mime From doesn't align with SPF/DKIM. DMARC is currently "FAIL" but gmail domain has a p=none, so this condition is shared by at least 40% of incoming email, today. I would have been less surprised if that message appeared for all SPF/DMARC failing message and not only to that specific use case. I've no certain idea as to why Google wouldn't provide an alert when the > From header names some other Gmail address yet didn't originate from a > Google server, apart from guessing that they have some bugs or as yet > unresolved edge cases they're considering. > The message I see has already been translated to other languages and is specific for " from your account." so it doesn't sounds like a generic error that is currently applied to a specific case. This is my main "surprising" point: for me it is harded to recognize if an email from another google mail address has been spoofed than to recognize that a given email saying it is "from me" has not been really written by me. Stefano
_______________________________________________ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
