On August 17, 2005 at 12:05, Keith Moore wrote: > Look, it's not acceptable for DKIM to change the semantics of From. > >From can contain multiple addresses, From can contain an address other > than that of the Originator, and if a Sender field is present From has > no implied relationship with the party that originated the message. > These semantics are well-established and have been in use for around 25 > years.
Multiple addresses in From is a good point, and DKIM does not address this. Can complicate SSP logic. As for the role of the various header fields, it may help to review relevent RFCs, mainly RFC-2822: The originator fields indicate the mailbox(es) of the source of the message. The "From:" field specifies the author(s) of the message, that is, the mailbox(es) of the person(s) or system(s) responsible for the writing of the message. The "Sender:" field specifies the mailbox of the agent responsible for the actual transmission of the message. For example, if a secretary were to send a message for another person, the mailbox of the secretary would appear in the "Sender:" field and the mailbox of the actual author would appear in the "From:" field. If the originator of the message can be indicated by a single mailbox and the author and transmitter are identical, the "Sender:" field SHOULD NOT be used. Otherwise, both fields SHOULD appear. The originator fields also provide the information required when replying to a message. When the "Reply-To:" field is present, it indicates the mailbox(es) to which the author of the message suggests that replies be sent. In the absence of the "Reply-To:" field, replies SHOULD by default be sent to the mailbox(es) specified in the "From:" field unless otherwise specified by the person composing the reply. In all cases, the "From:" field SHOULD NOT contain any mailbox that does not belong to the author(s) of the message. See also section 3.6.3 for more information on forming the destination addresses for a reply. Now, if the above reflects reality... > If you want to define a way for DKIM to say "the party who sent this > message has permission to make statements on behalf of these From > addresses" that's all well and good. What's not appropriate is to > define DKIM in such a way as to wire in an assumption that From is > always the party who originated the message. Rfc2822.From is part of the set of originating fields, and according to RFC-2822, it signifies the mailbox(es) responsible for authoring the message. Will you elaborate more on your view of "origination" so I can understand better what you are saying, especially as it applies to RFC-2822. Thanks, --ewh _______________________________________________ ietf-dkim mailing list http://dkim.org
