On Tue, Jan 20, 2015 at 1:44 PM, Anne Bennett <[email protected]> wrote:
> I apologize for my inadvertently poor timing; I was catapulted > into all this last week when my parent domain (also my > Organizational Domain) published an SPF record and a DKIM > record, and we became concerned that they might implement DMARC, > which could have a very negative impact on our mail services > unless we take action quickly and become prepared to publish > our own DMARC record. Thus, my sudden plunge into all these > RFCs and this draft. :-/ > Well, shoot. Timing notwithstanding, I also apologize if I came across as dismissing your use case as unimportant. I thought you were merely providing reviews as an interested party, not actually addressing a production problem. Since, as pointed out by Tim Draegen, "DMARC implementations are > already in the wild and deployed", one would expect to be able > to determine what those implementations do, based on this spec. > Sadly this hasn't been possible (so far) for me and my colleague > Michael Jack Assels, despite our being two fairly smart cookies, > with nearly a half-century of e-mail experience between us. > I can't speak for most of the operators you're probably dealing with, many of whom have their own implementations. I can say that OpenDMARC consumes the Authentication-Results field, or the Received-SPF field if the former isn't there, but it prefers a result based on MAIL FROM over one based on HELO if both are present. But it will use both. I'm pretty sure Gmail people are on, or at least following, this list; hopefully someone there will comment. I want to emphasize that I think that the documents in question > (at least this draft and RFC7208 - I've barely skimmed RFC6376 > on DKIM yet) individually are well written, but trying to > understand them in context together is proving to be quite > a challenge, and the lack of clarity on the HELO issue is > the biggest part of the problem. > This is certainly useful feedback to the WG. In addition to considering it as a topic for a Proposed Standard version of the DMARC specification, there might be a need to explore some kind of interim statement about what's supposed to happen here (if necessary). > But on the off-chance that it's not impossible to clarify > this now, and assuming that my growing suspicion that HELO is > ignored is correct, then I would propose: > > [...] > Do people concur with this change, or something close to it? -MSK
_______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
