----- Original Message ----- > From: "Franck Martin" <fra...@peachymango.org> > To: "José Ferreira" <jose.ferre...@anubisnetworks.com> > Cc: dmarc@ietf.org > Sent: Thursday, November 27, 2014 7:35:23 PM > Subject: Re: [dmarc-ietf] DMARC and Bounces (was: Indirect Mail Flows) > > > ----- Original Message ----- > > From: "José Ferreira" <jose.ferre...@anubisnetworks.com> > > To: dmarc@ietf.org > > Sent: Thursday, November 27, 2014 3:34:57 AM > > Subject: [dmarc-ietf] DMARC and Bounces (was: Indirect Mail Flows) > > > > >From: "Franck Martin" <fra...@peachymango.org> > > >Sent: Wednesday, November 26, 2014 10:29:35 PM > > > > > >Therefore it is important to read > > >http://trac.tools.ietf.org/html/rfc7208#section-10.1.3 on how to setup SPF > > >to work with >bounces. > > > > > >I know (or have known) several large properties that did not have this > > >setup. Unfortunately, bounces are not very visible >and it is hard to stop > > >sending emails to an invalid address if you cannot receive bounces due to > > >policy. > > > > So let's see how this must work in bounces ( DSN ): > > > > Requirements: > > * For the domain, the RFC5321.EHLO/HELO domain is used if the > > RFC5321.MailFrom is null. > > * RFC5321.MailFrom must have a domain. > > * alignment must exits between RFC5321.MailFrom domain, SPF identifier > > domain and DKIM's d= value. > > > > So a DMARC compliant DSN must: > > * Have a RFC5321.MailFrom with domain > > * Must present a HELO/EHLO hostname aligned domain and/or DKIM sign with > > d= > > of the same domain. > > > > > > Considerations: > > * This can be tricky in strict mode. Probably we should define a new > > specific field to define how this should align. > > * Some MTAs, at least Postfix, by default generate bounces with "From: > > MAILER-DAEMON (Mail Delivery System)". > > > RFC5321.From (envelope from) must be a valid email address or be null <> > > RFC5322.From must have a domain (the From Header, not the envelope From > RFC5321): > http://tools.ietf.org/html/rfc5322#section-3.6.2 > http://tools.ietf.org/html/rfc5322#section-3.4 > > from = "From:" mailbox-list CRLF > > mailbox-list = (mailbox *("," mailbox)) / obs-mbox-list > > mailbox = name-addr / addr-spec > > name-addr = [display-name] angle-addr > > angle-addr = [CFWS] "<" addr-spec ">" [CFWS] / > obs-angle-addr > > addr-spec = local-part "@" domain > > As such the construct you indicate is illegal: > From: MAILER-DAEMON (Mail Delivery System) > > http://www.postfix.com/bounce.5.html, it is indeed a problem with postfix out > of the box and empty_address_recipient needs to be configured properly. > > Note: this rule for RFC5322.From may be relaxed by RFC6854 for EAI/SMTPUTF8 > compatibility reasons only during the transition. >
I think there should be a wider reference to bounces in the draft-kucherawy-dmarc-base. I know bounces are rare and we try the most to avoid bounces but it happens and have specific issues that should be addressed differently or , at least, highlighted. José Borges Ferreira AnubisNetworks _______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
