On Thu, Apr 17, 2014 at 10:01 AM, Joseph Humphreys < [email protected]> wrote:
> It's a problem if the service provider wants to offer bounce processing by > using their own domain for the return path, which I think is not uncommon. > That puts SPF out of alignment. > I think the difference is that the sender's domain can include the ISP's ranges in their own SPF record. You can't reasonably do that for every domain of every mailing list your users may post to. The ISP rewrites the MAIL FROM to deflect bounces. This passes SPF (IP matches MAIL FROM), and also passes DMARC's aligned SPF (RFC822 From has the original sender domain, which includes the ISP's IP range). Please tell me what I'm missing. J
_______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
