On 8/28/2015 5:46 PM, Franck Martin wrote: > Is SPF "alignment" a valid term here? (The term does not appear in the > SPF spec.) I thought 'alignment' was first defined in this space for > DMARC and that it does not have formal meaning for SPF or DKIM. I > assume what is meant is simply SPF validation. > > > It is DMARC alignment with SPF, the confusion between SPF and DMARC-SPF > lives on...
The term "DMARC alignment with SPF" has no meaning within the DMARC spec. Per RFC 7489: Identifier Alignment: When the domain in the RFC5322.From address matches a domain validated by SPF or DKIM (or both), it has Identifier Alignment. That is, 'alignment' is with the rfc5322.From field. Not 'with' SPF or DKIM. It is validated 'by' SPF or DKIM. Going back to the draft text I'm questioning: > o MTAs sending email on behalf of multiple domains may require > Domain Owners to provide DKIM keys to use DKIM to avoid SPF > alignment issues. Managing DKIM keys with a third party has > security risks which should be carefully managed. I think that the intended meaning is: ...to avoid SPF validation issues, given the requirement for DMARC alignment with the rfc5322.From field. or somesuch. d/ -- Dave Crocker Brandenburg InternetWorking bbiw.net _______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc