I fear that I muddied the waters by asking about the RFC5321.MailFrom address. Let's return to the main issue of the RFC5322.From address which DMARC protects.
This is not an edge case. If spam filters were already blocking messages with RFC5322.From addresses with non-existent domains, we would not be having this discussion. The RFC5322.From address can be very ethereal. Consider the following situation: The marketing department of Example.com hires a mass mailer to do a campaign from [email protected]. ChristmasSale.Example.Com does not currently exist. The email service provider does its due diligence during account setup:

- The client has sent email communication from example.com and account paperwork for the same organization. I have the client identified correctly.
- The client has no DMARC policy on Christmas.Example.com, and an organization or PSD DMARC policy of SP=none, so I do not need to acquire a DKIM signing key.
- But the organization or PSD policy does specify NP, so I need the client to prove that ChristmasSale.Example.Com exists.

Requiring the client to create a bogus host record with a bogus IP address makes no sense, and is likely to be rejected by the client DNS administrator. Requiring the client to create a name server record to prove domain existence does make sense, and should be easily approved and implemented by the client DNS administrator.

Ergo, defining the NP policy based on A, AAAA, and MX is not appropriate.

Doug Foster

----------------------------------------
From: [email protected]
Sent: 11/20/20 6:30 AM
To: 'John Levine' <[email protected]>, "'[email protected]'" <[email protected]>
Subject: Re: [dmarc-ietf] Second WGLC for draft-ietf-dmarc-psd: Definition of NP

Thank you, John. I agree that it's an edge case and not worth addressing separately.
Eric Chudow
DoD Cybersecurity Mitigations

-----Original Message-----
From: John Levine <[email protected]>
Sent: Thursday, November 19, 2020 11:04 PM
To: [email protected]
Cc: Chudow, Eric B CIV NSA DSAW (USA) <[email protected]>
Subject: Re: [dmarc-ietf] Second WGLC for draft-ietf-dmarc-psd: Definition of NP

In article <553d43c8d961c14bb27c614ac48fc03128116...@umechpa7d.easf.csd.disa.mil> you write:
>Section 2.7. defines a non-existent domain as "a domain for which there
>is an NXDOMAIN or NODATA response for A, AAAA, and MX records. This is
>a broader definition than that in NXDOMAIN [RFC8020]." This should be
>sufficient for determining that the domain is not intended to be used and
>therefore could have a more stringent policy applied.
>
>The idea of looking for a "mail-enabled domain" based on if an "MX record
>exists or SPF policy exists" is interesting.
>Although there may be domains that send email but not receive email and so may
>not have an MX record.

These days I think you will find that if the domains in your bounce address and your From: headers don't have an MX or A record, very few recipients will accept your mail. This seems like an edge case.

In practice I find that the domains caught by the Org domain or I suppose PSD have A records but no mail server because they're actually web hosts rather than mail hosts.

We have the Null MX to indicate that a domain receives no mail and SPF plain -all to indicate that it sends no mail so I hope we don't try to reinvent these particular wheels.

R's,
John
_______________________________________________
dmarc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dmarc
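To make the two definitions being argued about concrete, here is an added example (not code from the thread or from the draft): it applies the Section 2.7 "NXDOMAIN or NODATA for A, AAAA and MX" test over a constructed DNS answer table, beside the NS-based variant Doug argues for. The zone contents, the domain names and the `lookup` resolver are constructed assumptions so the example runs offline.

```python
# Added example, not part of the thread. Evaluates the draft-ietf-dmarc-psd
# Section 2.7 non-existence test and an NS-aware variant over constructed data.

NXDOMAIN = "NXDOMAIN"   # the name does not exist at all
NODATA = "NODATA"       # the name exists but has no record of that type

# Constructed sample zone: names that exist, and (name, rrtype) -> rdata.
# ChristmasSale.Example.Com has only a delegation (NS), as in Doug's scenario;
# www.example.com is John's "web host, no mail server" case.
NAMES = {"example.com", "christmassale.example.com", "www.example.com"}
ZONE = {
    ("example.com", "A"): ["192.0.2.10"],
    ("example.com", "MX"): ["10 mail.example.com."],
    ("christmassale.example.com", "NS"): ["ns1.example.com."],
    ("www.example.com", "A"): ["192.0.2.20"],
}


def lookup(name, rrtype):
    """Simulated resolver returning (status, records) for one query.

    A name exists if it is in NAMES or is an ancestor of a name in NAMES
    (an empty non-terminal); otherwise every type answers NXDOMAIN, which
    per RFC 8020 also covers everything below that name.
    """
    name = name.lower().rstrip(".")
    if not any(n == name or n.endswith("." + name) for n in NAMES):
        return NXDOMAIN, []
    records = ZONE.get((name, rrtype), [])
    return ("OK", records) if records else (NODATA, [])


def existence_evidence(name, rrtypes=("A", "AAAA", "MX", "NS"), resolve=lookup):
    """Record types that answer with data; an empty tuple means no evidence."""
    return tuple(t for t in rrtypes if resolve(name, t)[0] == "OK")


def is_nonexistent_draft(name, resolve=lookup):
    """Section 2.7 as written: no A, AAAA or MX data, so the NP policy applies."""
    return not existence_evidence(name, ("A", "AAAA", "MX"), resolve)


def is_nonexistent_with_ns(name, resolve=lookup):
    """Variant argued for above: a delegation (NS) also proves the domain exists."""
    return not existence_evidence(name, ("A", "AAAA", "MX", "NS"), resolve)
```

For the constructed zone, `christmassale.example.com` is non-existent under the draft test but exists under the NS-aware one, while a name that is NXDOMAIN outright is non-existent under both.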
