On 08/31/2013 11:55 AM, Scott Kitterman wrote: > On Saturday, August 31, 2013 14:15:25 John Levine wrote: >>> So what is the problem here? Misconfiguration on my mail server, >>> problem with Google's DMARC logic, or a DMARC spec ambiguity? >> >> What leads you to conclude that there is a problem? It sounds like >> everything worked the way it is supposed to. > > If the hostname of the mail server was a subdomain of the From domain, then > maybe not (I don't know, as we don't have enough data). RFC 4408 says:
No, the hostname of the mail server is not a subdomain of the From domain. But the mail server is a valid SPF sender for that domain. >> ... When the reverse-path is null, this document >> defines the "MAIL FROM" identity to be the mailbox composed of the >> localpart "postmaster" and the "HELO" identity (which may or may not >> have been checked separately before). > > The wording is identical in 4408bis. > > My reading of this is that if an SPF verifier is checking postmaster@HELO > when > mail from is null, that ought to be treated as a valid mail from result and > used by dmarc as an input. > > Given that, if there was identity alignment, DMARC should have accept it. > > What were the domain names in the HELO/server hostname and body from of the > message? The mail from domain name in the body of the message differs from the HELO/server hostname. But again, the HELO/server hostname is a valid SPF sender, based on an SPF "a" directive. Regards, Raman _______________________________________________ dmarc-discuss mailing list [email protected] http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)
