Am 03.06.2024 um 14:46 schrieb Scott Kitterman:
I think that the current language is accurate, given what RFC 7208 says. I
think people who are going to misread RFC 7208 are going to misread it no
matter what we say here, so we should move on.
I think the DMARCbis draft does conflate the terms "MAIL FROM identity"
and "RFC5321.MailFrom".
Section 4.4.2 of the draft says that "the domain used in the MAIL FROM
identity, which will also be the RFC5321.MailFrom domain in the email
message, is the Authenticated Identifier". The second half of that will
be false in the case of a null sender.
It appears to me that that sentence in the draft is intended to specify
only that one must not validate the HELO in the case of a non-null
sender, as is RECOMMEDED in section 2.3 of RFC7208.
I think it would be clearer to explicitly cite section 2.4 of RFC7208 in
section 4.4.2, while removing the aforementioned passage. Perhaps
something like:
Before:
If the authorization is validated, the domain used in the MAIL FROM
identity, which will also be the RFC5321.MailFrom domain in the email
message, is the Authenticated Identifier.
After:
If the authorization is validated, the domain used in the MAIL FROM
identity as defined in section 2.4 of [RFC7208] is the Authenticated
Identifier.
--
Best regards,
Alexander Robohm
_______________________________________________
dmarc mailing list -- [email protected]
To unsubscribe send an email to [email protected]
