On Monday, March 11, 2013 01:28:06 PM Carl S. Gutekunst wrote: > * > * > > >> That all sounds good. I think it would help to incorporate the language > >> of RFC 4408 into the DMARC specification: e.g., use "MAIL FROM Identity" > >> and not 5321.MailFrom when referring to the behavior of SPF. The two are > >> not the same. > > > > They're not? I thought RFC5598 defined one in terms of the other. > > Hey Murray. The RFC4408 "MAIL FROM" Identity is unique to SPF/Sender-ID, > and would be (IMHO) out of scope for RFC 5598. Per Section 2.2, it's a > computed value derived from the SMTP MAIL command and the "HELO" > Identity, which is defined in Section 2.1. > > 2.2. The MAIL FROM Identity > > The "MAIL FROM" identity derives from the SMTP MAIL command (see > [RFC2821]). This command supplies the "reverse-path" for a message, > which generally consists of the sender mailbox, and is the mailbox to > which notification messages are to be sent if there are problems delivering > the message. > > [RFC2821] allows the reverse-path to be null (see Section 4.5.5 in > RFC 2821). In this case, there is no explicit sender mailbox, and > such a message can be assumed to be a notification message from the > mail system itself. When the reverse-path is null, this document > defines the "MAIL FROM" identity to be the mailbox composed of the > localpart "postmaster" and the "HELO" identity (which may or may not > have been checked separately before). > > Really, the answer I needed was "perform the SPF check for DMARC exactly > as specified in RFC4408." It was just a suggestion on my part the DMARC > spec would be more clear if it said "MAIL FROM Identity" rather than > "5321.MailFrom" when referring to SPF checks. > > (If someone had told me 5 years ago that I would be hair-splitting over > the semantics of RFC 4408, I would have run off to Nepal and become a > monk....)
You might also want to read over the lastest 4408bis draft: http://trac.tools.ietf.org/html/draft-ietf-spfbis-4408bis-11 and join the spfbis mailing list before it's too late. Scott K _______________________________________________ dmarc-discuss mailing list [email protected] http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)
