On 5 June 2017 at 07:09, Richard James Salts via Exim-users < [email protected]> wrote:
> Was the message a bounce or autoreply with an empty sender? Should the > behaviour be to fall back to helo domain with spf when > processing a message from the empty sender? Is that even desirable? > If it's any help, section 2.4 of RFC 7208 SPF <https://tools.ietf.org/html/rfc7208#section-2.4> states: [RFC5321] allows the reverse-path to be null (see Section 4.5.5 in [RFC5321]). In this case, there is no explicit sender mailbox, and such a message can be assumed to be a notification message from the mail system itself. When the reverse-path is null, this document defines the "MAIL FROM" identity to be the mailbox composed of the local-part "postmaster" and the "HELO" identity (which might or might not have been checked separately before). and section 3.1.2 of RFC 7489 (DMARC) states: Note that the RFC5321.HELO identity is not typically used in the context of DMARC (except when required to "fake" an otherwise null reverse-path), even though a "pure SPF" implementation according to [SPF] would check that identifier. So as I understand it then yes, you fall back to the HELO domain when the RFC5321.MailFrom is null. (This tallies with what I've observed happening with Gmail's SPF and DMARC verification.) Cheers, Mike B-) -- Systems Administrator & Change Manager IT Services, University of York, Heslington, York YO10 5DD, UK Tel: +44-(0)1904-323811 Web: www.york.ac.uk/it-services Disclaimer: www.york.ac.uk/docs/disclaimer/email.htm -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
