On Sat 30/Jan/2021 22:57:44 +0100 John R Levine wrote:
Part of the problem here is that DMARC generally sits on top of an SPF library which doesn't tell you how it got its result. My DMARC code just calls the SPF library and uses the result. I suppose I could put in a hack to say don't use the SPF result if the MAIL FROM is null, but I don't think that's what 7489 says.
One way to interpret RFC 7489 is that you can put dmarc=pass based on the helo identity *only if* MAIL FROM is null. So the hack there is a bit more tricky. You want to use the SPF result only if MAIL FROM is null, except in cases when you authenticate based on MAIL FROM. That's idiosyncratic!
On Sat 30/Jan/2021 20:59:13 +0100 Jim Fenton wrote:
The fact that a message sender can put anything there makes HELO basically meaningless.
Here "message sender" has to be a mail server admin. Compare with MAIL FROM, where "message sender" is the actual author submitting a message. How come that the same assertion being more widely true for MAIL FROM doesn't make the latter basically meaningless?
Best Ale -- _______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
