On Friday, August 28, 2015 06:02:52 PM [email protected] wrote:
> A New Internet-Draft is available from the on-line Internet-Drafts
> directories. This draft is a work item of the Domain-based Message
> Authentication, Reporting & Conformance Working Group of the IETF.
...
I've reviewed the diff from the last version and I think we're getting there.
I do have a few additional comments:
On page 5, in the revised paragraph of section 2.1, I think there's a word or
so missing in the changed text around SPF HELO. I think it would read better
if the constructs about RFC5321.MailFrom and RFC5321.HELO/EHLO were more
parallel. I think either one of these would serve:
The DMARC relevant Authenticated Identifier that SPF provides is the
RFC7208.MAILFROM [RFC7208] based on the RFC5321.MailFrom [RFC5321]
domain, or, if the RFC5321.MailFrom address is absent (as in the case of
"bounce"messages, on the RFC5321.HELO/EHLO SMTP domain.
or
The DMARC relevant Authenticated Identifier that SPF provides is the
RFC7208.MAILFROM [RFC7208] based on the domain found in the
RFC5321.MailFrom [RFC5321] command, or, if the RFC5321.MailFrom address
is absent (as in the case of "bounce"messages, on the on the domain found
in the RFC5321.HELO/EHLO SMTP command.
In the revised text on page 15 where the paragraph starts "MTAs sending email
on behalf of multiple domains ...", the text is improved from the last
revision, but I think it would be even better to say just "... avoid DMARC
alignment issues." rather than "... avoide DMARC alignment issues with SPF."
These same issues can come up with DKIM as well, so there's no point in being
overly narrow here.
On page 19, the second security consideration that's been added should be
removed. It's not a security consideration and is, in fact, the opposite of
what the referenced paragraph says.
Scott K
_______________________________________________
dmarc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dmarc
