On 1/22/2015 7:13 PM, Terry Zink wrote:
The way it works in Office 365 is this:
1. When checking SPF, use the domain in the 5321.MailFrom. If it is empty, use
the domain in the HELO/EHLO.
2. Use the domain extracted from (1) when doing the DMARC alignment check for
SPF.
We don't check both 5321.MailFrom AND HELO/EHLO for SPF. I've never found this
to be a problem.
SPF Software that also supports:
RFC4405 SUBMITTER SMTP Service Extension
RFC4406 Sender ID: Authenticating E-Mail
RFC4407 Purported Responsible Address (PRA)
will also look at the PRA for SPF calculations. Enable the SMTP
Extension 4405 and watch many of the sessions using the SUBMITTER
field in MAIL FROM:
MAIL FROM:<return-path> SUBMITTER=pra
I don't know how it works in Hotmail (although I should) but it is moving over
to the Office 365 infrastructure over the next several months anyhow so it will
be the same.
Its good to know that Microsoft is single sourcing it.
--
HLS
_______________________________________________
dmarc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dmarc
