On Tue 28/Jul/2020 12:37:32 +0200 Dave Crocker wrote:
On 7/28/2020 12:26 AM, Alessandro Vesely wrote:
On Mon 27/Jul/2020 20:51:54 +0200 Dave Crocker wrote:
On 7/27/2020 11:15 AM, Alessandro Vesely wrote:
If receivers lookup the Author: domain too, they can evaluate
authentication and alignment also with respect to that domain.
Since there is no authentication or alignment associated with the Author
field, I don't know how they can be evaluated.
Receivers can evaluate the Author: domain just like they would do if it were
the From: domain.
So you want to define DMARC as applying to both the From: field and the Author:
field? That will defeat the benefit intended for the Author: field.
Yes. In case of conflict, evaluation of Author: has to be omitted. For
example, Author: fields containing multiple mailboxes are not considered.
(OT-BTW, DMARC spec will have to consider From: fields with multiple mailboxes,
since they're allowed by RFC 5322. Should Sender:, in such cases, have a
domain aligned with one of those?)
As a new field, Author: doesn't wear a reliable-id trophy, hence receivers
may refrain to apply policy dispositions. However, the result of the
evaluation, conveyed through aggregate report, can tell MLMs if rewriting
From: was necessary.
How, exactly?
Author: and Sender: domains can be included in aggregate reports along with the
From: one. The policy_evaluated can also include more items, specifying which
evaluations pass or fail.
Best
Ale
--
_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc