On 2 Jun 2020, at 13:29, Dave Crocker wrote:
On 6/2/2020 11:12 AM, Pete Resnick wrote:
On 2 Jun 2020, at 13:01, Dave Crocker wrote:
There's no reason that DMARC couldn't have included the sender or
tried to have some kind of
PRA like spf v2... but that's not the goal.
But the Sender: field is not reliably present and, of course, DMARC
needs an identifier that is reliably present.
Dave, could you explain that? Coding-wise, there's surely no reason
that an implementation can't say, "if 5322.sender is present then
sender = 5322.sender else sender = 5322.from". So you could say that
the identifier of sender is reliably present, since it's taken from
5322.from if 5322.sender isn't present. But maybe I'm missing
something. Please explain.
Not sure what you are asking. What I mean is that it isn't always
present.
If Sender: contains the same address as From:, then Sender does not
have to be present, and often/usually isn't.
Well, that's the field, not its value.
So when someone comes along and changes From: -- such as to hack
around the DMARC problem for intermediaries -- the semantic of the
Sender information is lost.
If you do change the From, you should always add a Sender. (Or is your
point that implementer's don't, and that's the problem?)
What I'm missing is why the lack of an actual Sender: header field is
problematic.
pr
--
Pete Resnick https://www.episteme.net/
All connections to the world are tenuous at best
_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc
