In article <b396cf21-05f4-a1a4-5abc-78c5aa276...@tana.it> you write: >On Tue 02/Feb/2021 20:13:42 +0100 John R Levine wrote: >> >> There is some commented out code to not pass a HELO result to DMARC, don't >> remember why I turned it off. > >Couldn't find the code you uncommented in.
I'm not surprised. It's only in my MTA. >Apparently, OpenDMARC reads Authentication-Results: (or Received-SPF:) and >calls opendmarc_policy_store_spf() to save >the result it parsed. That way, the last value found is the one that will be >used. > >It seems that relies on upstream SPF filters writing a single SPF result. If >mfrom is given write its result, >otherwise write helo's. That behavior is presumably coded after DMARC's >idiosyncrasy. It would choke if applied to an >unskewed SPF filter's results. Is that what its milter does? Not surprised. >> It's existing practice and I see no reason to change it. > >Software changes all the time. If we change, ... Urrgh. There are still MTAs that haven't been updated from RFC 821. If you want a real standard, the closer you can make it to what the running code does, the most likely it will work. R's, John _______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc