On Thu, Dec 25, 2014 at 10:15 PM, Dave Crocker <[email protected]> wrote:
> One could argue either way about the multi-valued From:, but at least it > has an essential relationship to DMARC, since DMARC evaluates From:. If > DMARC were required to handle multi-valued From:, it would alter DMARC > noticeable, as was evident in the debate about this issue. > > The MX requirement has no such linkage. > I'm afraid the glue is still too thick. Fortunately at this point, this is all academic. I'm staring at this and not understanding how the two are all that different. They both seek to ensure that a DMARC evaluation can be done on the From: domain, and thus both seek to ensure that the From: that lands in the inbox can be trusted by end users to be valid. In both cases, as you put it, DMARC evaluates From:. The only difference I can see is that one is a self-contained syntactical check while the other requires consulting another data source (the DNS, in this case) for a simple validity test. If the MX/A/AAAA test fails, then there's no policy to apply. We [used to] reject on the basis that it's impossible for that message to legitimately exist. If the single-value From: test fails, then which domain's policy is to be applied is potentially indeterminate. We [still, typically] reject on the basis that it's impossible to be sure which domain the end user will see, and thus decide which policy should apply. DMARC participants don't like that case and (we claim) protected mail streams never use that syntax anyway, so we disallow its use for those cases. To me they have approximately identical goals. If the MX test can legitimately be dismissed because it aspires to world peace, why shouldn't the other? Anyway, I'm content at this point to leave this for the standards track discussion when the WG gets around to it. I'll remain quietly confused until then. -MSK
_______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
