On Tue 02/Jun/2020 19:00:55 +0200 Dave Crocker wrote: > On 6/2/2020 9:44 AM, Jesse Thompson wrote: >> I'm relaying these DMARC questions/concerns on behalf of an email admin at >> another university. [...] >> >> " >> I don't see on the list of issues the most fundamental problem of DMARC, >> namely that it conflicts with RFC 5322 on the use of the From and Sender >> header fields [1] and possibly with RFC 6326 as to the significance of DKIM >> fail [2]. The former is the more serious problem. Making DMARC alignment >> part of a standard for Internet messages requires a revision of RFC 5322. I'd >> love to see this resolved. > > [...] > > DMARC enforcement requires that the DKIM/SPF domain be the same as the author > From:. That is, the folk doing email operations have to be able to sign the > DMARC aligned domain. > > Hence the From: field is now really the Sender: field. The From: field fixup > hacks that are needed by intermediaries, to avoid DMARC-based rejections, > makes > this fact painfully clear, even as they serve to undermine recipient use of > the > From field for author-related message management. > > [...] > > The only suggestion I've been able to formulate is: create a new field, such > as Author:.
+1, that's the proper way to fix the issue Jesse relayed. Re-senders who rewrite From: should copy its value to Author: unless such field is already present. MUAs should be discouraged from displaying or using Author:, unless (verifiably) signed by a trusted domain or otherwise configured by the user. > (Give it a simple, clean, appropriate name, rather than something like > Original-From.) Yes, and let's note that the issue is so fundamental that solving it also solves the long-standing problem of how to standardiz mailing lists behavior with DMARC. Best Ale -- _______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
