On 9/10/24 5:06 AM, Scott Kitterman wrote:
On September 10, 2024 10:20:59 AM UTC, Alessandro Vesely<[email protected]> wrote:
Hmm... there are relays that don't change the bounce address. For such cases, the
explanation of why SPF checks fail would be different... I'd suggest removing the
explanation (that is ", as the incoming ... the sending domain"). It should be
well known by now that SPF breaks forwarding.
I don't think it's safe to assume people know this. I do think the point is
worth addressing. Perhaps adding (if the Mail From address is not rewritten by
the relay) after necessarily fail SPF checks would address the point.
I agree that generally, if there's anyplace we should favor being more
explicit than implicit, it's an IETF specification document.
Is a parenthetical like this too disruptive to the flow of the text?
When such mail is delivered to the actual recipient mailbox it will
fail SPF checks (provided the rfc5321.MailFrom was not altered), as
the sending IP address will be that of example.edu or
association.example, and not an address authorized for the sending domain.
--S.
_______________________________________________
dmarc mailing list -- [email protected]
To unsubscribe send an email to [email protected]
