On Thu, Jan 28, 2021 at 4:13 AM Alessandro Vesely <ves...@tana.it> wrote:
> > DKIM (in its simplest form) returns N tuples of the form (d= domain, > > pass/fail). All of them were run through exactly the same check; all of > > them were attached to the message in exactly the same way; all of them > have > > essentially identical semantics. Giving them equal footing makes sense > to > > me. > > > > The two identifiers in SPF hold different places in the SMTP session, and > > have different semantics. I think treating them differently is also just > > fine. > > It is relevant that both identifier come from /the same/ SMTP session. > That's > not true for many DKIM signatures. > I guess if report consumers really want this information, we can include it. I just don't see the value in the HELO parameter if it's effectively random junk in the session. At least a passing DKIM signature is associated with a domain that existed at some point in time and whose DNS contained apparently-valid public keys. I can mostly type anything I want to HELO or EHLO. -MSK
_______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc