It appears that Richard Clayton <[email protected]> said: >This is not a question of validation, DMARC is all about alignment > >You will need to say EHLO with a domain name that aligns with the From: >if you cannot manage that then DKIM is your only way to get your bounce >message to have a DMARC pass
Now that I look at it, RFC 7489 says ambiguously in section 3.1.2 that the HELO can be used to "fake" (quotes in the original) a domain for alignment, while the current draft says in sec 4.4.2 "DMARC relies solely on SPF validation of the MAIL FROM identity." I don't remember the origin of this change. I don't feel strongly either way whether to use the HELO but I would like to be sure it's deliberate. What do existing DMARC libraries do? R's, John _______________________________________________ dmarc mailing list -- [email protected] To unsubscribe send an email to [email protected]
