
#63 Reject multi-valued From messages unless all of the domains have the same Organizational Domain

1.1.3
open
nobody
None
2014-08-01
2014-01-02
No

While multiple From: headers in an email are not allowed, a multi-valued From header is. However, in practice it is not used. It has been sighted mainly in bounces and in an old version of .NET, but this reflects poor configuration or a bug more than something meant to be.

In order to alleviate some of these configurations and bugs, rejecting a multi-valued From header unless the domains are all part of the same organizational domain would:
- Avoid algorithm complexity
- Reduce a potential attack vector
- Allow many configurations and bugs where multiple values are found in the From header.

The Switch should be OFF and recommended to be ON.
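
The check requested above, as an added Python example (not OpenDMARC code, which is written in C). The names `organizational_domain` and `check_from` are hypothetical, and `PUBLIC_SUFFIXES` is a small constructed stand-in for the full Public Suffix List; the Organizational Domain is taken as the longest matching public suffix plus one label, as DMARC defines it.

```python
from email.utils import getaddresses

# Constructed stand-in for the Public Suffix List (assumption);
# a real deployment loads the complete list.
PUBLIC_SUFFIXES = {"com", "org", "net", "uk", "co.uk"}


def organizational_domain(domain):
    """Longest matching public suffix plus one label to its left."""
    labels = domain.lower().rstrip(".").split(".")
    for i in range(len(labels)):          # i == 0 tests the longest candidate
        if ".".join(labels[i:]) in PUBLIC_SUFFIXES:
            # A bare public suffix has no Organizational Domain.
            return ".".join(labels[i - 1:]) if i > 0 else None
    # Unlisted suffix: fall back to treating the last label as the suffix.
    return ".".join(labels[-2:]) if len(labels) >= 2 else None


def check_from(header_value):
    """Apply the proposed policy to the value of one From: header field.

    Returns (verdict, set of Organizational Domains seen).
    """
    addrs = [addr for _, addr in getaddresses([header_value]) if addr]
    orgs = set()
    for addr in addrs:
        _, at, domain = addr.rpartition("@")
        orgs.add(organizational_domain(domain) if at and domain else None)
    if len(addrs) <= 1:
        # Single-valued (or unparseable) From is outside this check.
        return "accept", orgs
    same_od = len(orgs) == 1 and None not in orgs
    return ("accept" if same_od else "reject"), orgs


if __name__ == "__main__":
    # Constructed sample header values.
    samples = [
        "alice@example.com, bob@mail.example.com",
        "alice@example.com, mallory@example.net",
        "a@one.co.uk, b@two.co.uk",
        '"Doe, Jane" <jane@example.com>',
    ]
    for value in samples:
        print(check_from(value), "<-", value)
```

The `one.co.uk` / `two.co.uk` pair is the case a naive "last two labels" comparison gets wrong, and the quoted display name containing a comma is not a multi-valued From.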

Discussion

  • Murray S. Kucherawy

    • summary: reject multi-valued From messages unless all of the domains have the same Organizational Domain --> Eeject multi-valued From messages unless all of the domains have the same Organizational Domain
     
  • Murray S. Kucherawy

    • summary: Eeject multi-valued From messages unless all of the domains have the same Organizational Domain --> Eject multi-valued From messages unless all of the domains have the same Organizational Domain
     
  • Murray S. Kucherawy

    Likely needs to wait for a later release since the From: parser can only handle single-value fields at the moment. Will also need to hook into libopendmarc since that's where the OD processing lives.

     

    Last edit: Murray S. Kucherawy 2014-01-06
  • Murray S. Kucherawy

    • summary: Eject multi-valued From messages unless all of the domains have the same Organizational Domain --> Reject multi-valued From messages unless all of the domains have the same Organizational Domain
     
  • Murray S. Kucherawy

    • Target: 1.0.0 --> 1.1.3
     
  • Murray S. Kucherawy

    Planned for next major release.

     
