On Mon 27/Jul/2020 14:16:58 +0200 Dave Crocker wrote:
-------- Forwarded Message --------
Subject: New Version Notification for draft-crocker-dmarc-sender-01.txt
Date: Mon, 27 Jul 2020 05:16:07 -0700
From: [email protected]
To: Dave Crocker <[email protected]>

In various places, the I-D talks about a /domain owner/, but it is not always
so clear which domain's owner is meant, in case they differ.

For example, in *Domain Owner Actions*:

    snd:  When present, this tag signals that mail originated by the
    domain owner MAY have a RFC5322.Sender field, as well as a
    RFC5322.From field and that evaluation MAY be based on the domain
    name in the RFC5322.Sender field.

I understand that as a permission that a domain owner grants (to anyone?) to
resend mail from its domain if it is correctly authenticated.

However, the following instructions give the opposite impression. In *Determine
Handling Policy*:

    Sender:  Extract the RFC5322.Sender domain from the message.
    Query the DNS for a DMARC policy record.
    Perform remaining, numbered steps, if one is found and it
    contains an "snd" tag.

Let's say I have From: real.bank, and Sender: phisher.example. The above text
seems to imply the receiver is looking up _dmarc.phisher.example. Correct?

Next step 4 apparently entails that aggregate reports are sent to both From:
and Sender:. That sounds solid, but not practical. A MLM needs to apply From:
rewriting until it sees that all (or most) receivers look for Sender:. How?

A possible solution in my next message.

Best
Ale
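
The Sender step quoted in the message above, as an added sketch that is not code from the draft or from the original message: it reports which name a receiver following that text would query for the real.bank / phisher.example case, and flags when a domain other than the From: domain is the one enabling Sender-based evaluation. The in-memory DNS table, the bare `snd` tag syntax, the sample message and all function names are assumptions.

```python
from email import message_from_string
from email.utils import parseaddr

# Constructed stand-in for TXT lookups at _dmarc.<domain>; not real records.
# Assumption: "snd" is written as a bare tag (the page does not show its syntax).
CONSTRUCTED_DNS = {
    "_dmarc.real.bank": "v=DMARC1; p=reject",
    "_dmarc.phisher.example": "v=DMARC1; p=none; snd",
    "_dmarc.list.example": "v=DMARC1; p=none",
}

def header_domain(msg, name):
    """Return the lower-cased domain of an address header, or None."""
    addr = parseaddr(msg.get(name, ""))[1]
    return addr.rpartition("@")[2].lower() if "@" in addr else None

def parse_tags(record):
    """Split a 'tag=value; tag' record into a dict (bare tags map to '')."""
    tags = {}
    for part in record.split(";"):
        key, _, value = part.strip().partition("=")
        if key:
            tags[key.strip().lower()] = value.strip()
    return tags

def sender_step(raw_message, dns=CONSTRUCTED_DNS):
    """Apply the quoted Sender step and report which name was queried."""
    msg = message_from_string(raw_message)
    from_domain = header_domain(msg, "From")
    sender_domain = header_domain(msg, "Sender")
    queried = f"_dmarc.{sender_domain}" if sender_domain else None
    record = dns.get(queried) if queried else None
    snd = record is not None and "snd" in parse_tags(record)
    return {
        "from_domain": from_domain,
        "queried": queried,
        "sender_evaluation": snd,
        # True when a domain other than the From: domain switched on
        # Sender-based evaluation, which is the case the message asks about.
        "enabled_by_other_domain": snd and sender_domain != from_domain,
    }

# Constructed sample message using the domains from the message above.
SAMPLE = (
    "From: Customer Care <care@real.bank>\n"
    "Sender: relay@phisher.example\n"
    "Subject: constructed sample\n\nbody\n"
)

if __name__ == "__main__":
    print(sender_step(SAMPLE))
```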