@lauren And (at least according to some early checks) this flaw isn't limited to DMARC spoofing. It could potentially be used for phishing and other abusive attacks too. This is why sendmail, exim and postfix (and more, I guess) have decided to treat this with high priority.