On 6/2/2020 11:12 AM, Pete Resnick wrote:
On 2 Jun 2020, at 13:01, Dave Crocker wrote:
There's no reason that DMARC couldn't have included the sender or
tried to have some kind of
PRA like spf v2... but that's not the goal.
But the Sender: field is not reliably present and, of course, DMARC
needs an identifier that is reliably present.
Dave, could you explain that? Coding-wise, there's surely no reason
that an implementation can't say, "if 5322.sender is present then
sender = 5322.sender else sender = 5322.from". So you could say that
the identifier of sender is reliably present, since it's taken from
5322.from if 5322.sender isn't present. But maybe I'm missing
something. Please explain.
Not sure what you are asking. What I mean is that it isn't always present.
If Sender: contains the same address as From:, then Sender does not have
to be present, and often/usually isn't.
So when someone comes along and changes From: -- such as to hack around
the DMARC problem for intermediaries -- the semantic of the Sender
information is lost.
d/
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net
_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc