On 1/23/2015 8:05 PM, Kurt Andersen wrote:
Scott proposed:
How about this:
[SPF] can authenticate both the domain found in an [SMTP] HELO/EHLO
command (the HELO identity) and the domain found in an [SMTP] MAIL
command (the MAIL FROM identity). DMARC uses the result of SPF
authentication of the MAIL FROM identity. Section 2.4 of [SPF] describes
SPF MAIL FROM processing for cases in which the MAIL command has a
null path.
Frank voted:
+1
Ship it!
+1 also :-)
Slow down. :)
I don't get that second sentence:
"DMARC uses the result of SPF authentication of the MAIL FROM
identity."
Does that mean it gets return-path from the "Authentication-Result:"
header? or the "Return-Path:", "Sender:" headers? or is about what
SPF should report?
I believe, it sounds to me, that it should be:
[SPF] can authenticate both the domain found in an [SMTP] HELO/EHLO
command (the HELO identity) and the domain found in an [SMTP] MAIL
command (the MAIL FROM identity). Section 2.4 of [SPF] describes
SPF MAIL FROM processing for cases in which the return path is null,
for example MAIL FROM:<>.
For DMARC domain alignment policies, DMARC uses the return path
(MAIL FROM)
of the transaction for alignment with the author domain, see
Section 3.1.
Its really two separate ideas imo.
--
HLS
_______________________________________________
dmarc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dmarc
