On Wednesday, March 27, 2013 8:04 AM [GMT+1=CET],Franck Martin wrote:
> There is a misnomer here.
>
> In the context of DMARC, SPF fail means, (SPF was not pass) or (SPF
> was pass and was not aligned).
>
> We should have called it DMARC-SPF, or something else, but not SPF.
> So don't get confused.
>
> On Mar 26, 2013, at 8:34 PM, John Levine <[email protected]> wrote:
>
> > > Ok, so where in the DMARC draft specification is it stated that
> > > SPF-absence equals a result of DMARC-fail for the SPF-mechanism?
> > >
> > > Also, I find it troubling that DMARC leverages SPF and at the
> > > same time changes the RFC-sanctioned SPF semantics (i.e., the old
> > > SPF-neutral now becomes SPF-fail for DMARC).
> >
> > The only situation in that would be an issue is if a domain went to
> > the effort of publishing a DMARC record, but did not publish an SPF
> > record.
> >
> > As the old saying goes, "Doctor, it hurts when I do this."
> >
> > "So don't do that."
> >
> > R's,
> > John
Thank you Franck and John for these further explanations.
Based on that, I think section 4.2.2 ("SPF-authenticated Identifiers") of the
DMARC specification should be a little more verbose and explicitely spell this
out with more detail.
Possible result of a SPF check, according to RFC 4408, are:
--Pass
--Fail
--SoftFail
--Neutral
--None
--TempError
--PermError
I think section 4.2.2 could include something like this: "In the DMARC's
SPF-check, to produce a SPF-mechanism authenticated result, an Identifier
Alignment is needed, and it can be obtained from the SPF-mechanism if and only
if the SPF result is "Pass" according to RFC 4408 and also if and only if
RFC5321.MailFrom and RFC5322.From either have the same Organizational Domain
(for relaxed mode) or have exact DNS domain match (for strict mode)."
Regards,
-J. Gomez
_______________________________________________
dmarc-discuss mailing list
[email protected]
http://www.dmarc.org/mailman/listinfo/dmarc-discuss
NOTE: Participating in this list means you agree to the DMARC Note Well terms
(http://www.dmarc.org/note_well.html)
