It appears that Alessandro Vesely <ves...@tana.it> said: >Would it make sense to extend DMARC commitment to the whole From: field? For >example, assert that the local part and the display name have been set by an >authenticated user? (Rather than automatically munged.)
All of the mail that comes out of my system (other than the stuff sent by scripts) is sent by authenticated users who can put whatever they want in the From: header. It's quite useful, particularly for those of use who use multiple addresses. It puts info about who authenticated in other places. This partcular bad idea has been batted around for years. Nobody has ever been able to explain how you could distinguish "real" address comments from unreal ones. If you're just wondering whether the header has been changed, DKIM already does that. R's, John _______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc