On Wed 03/Feb/2021 19:12:26 +0100 John Levine wrote:
In article <b396cf21-05f4-a1a4-5abc-78c5aa276...@tana.it> you write:
On Tue 02/Feb/2021 20:13:42 +0100 John R Levine wrote:
It's existing practice and I see no reason to change it.
Software changes all the time. If we change, ...
Urrgh. There are still MTAs that haven't been updated from RFC 821. If
you want a real standard, the closer you can make it to what the
running code does, the most likely it will work.
How about this:
NOTE: Historically, SPF was focused on the mfrom identifier. The helo
identifier was retrofitted later, in order to account for delivery status
notifications. Earlier DMARC specifications followed suit. Subsequently,
it turned out that SPF records for the helo identifier are actually sharper
than those for mfrom, thereby making successful helo verifications very
reliable. However, in the vast majority of cases the mfrom identifier is
aligned with the main DMARC identifier, while the helo identifier often
does not have a corresponding SPF record. Therefore, the common practice
of using just the SPF result of mfrom unless empty is still a valid
heuristic.
?
Best
Ale
--
_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc
