If I understand your suggestion, then I think you lose some flexibility that way. Suppose you want to use relaxed alignment. Say you have some subdomains that you want to use p=reject for, but at the organizational level, you want p=none.
_dmarc.sub.org.tld TXT "v=DMARC1;p=reject;aspf=r" _dmarc.org.tld TXT "v=DMARC1;p=none;aspf=r" You get a message with RFC5322.From domain sub.org.tld, and RFC5321.MailFrom domain other.tld. So the first record you find, at _dmarc.sub.org.tld doesn't give you enough information to judge alignment. Do you keep walking? I suppose you could jump to the longest common domain (tld in this case) and start walking again there. Regards, Joe On Thu, Oct 28, 2021 at 2:47 PM John R Levine <jo...@taugh.com> wrote: > > In your proposal, what happens if you find a record that specifies > aspf=r; > > the From header is aa.bb.cc.de.us, and the Envelope From is > ee.ff.gg.hi.us? > > How do you decide whether the common suffix .us is sufficient for relaxed > > alignment? > > Walk up from aa.bb.cc.de.us and stop when you find a _dmarc record. If > it's _dmarc.us, then ee.ff.gg.hi.us is OK for a relaxed match. If it's > below that, it isn't. > > Regards, > John Levine, jo...@taugh.com, Taughannock Networks, Trumansburg NY > Please consider the environment before reading this e-mail. https://jl.ly >
_______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
