On Sun 31/Oct/2021 16:01:03 +0100 John Levine wrote:
It appears that Alessandro Vesely <ves...@tana.it> said:
>> Another criterion, beside tree-walk and PSL, could be to look at
the d= tag of
the DKIM signatures that are aligned with the From: domain. Would that be
semantically equivalent to the procedure described in the current Section 6.7.2?
I don't understand what you're proposing. Are you saying to look for DMARC
records at
the d= domains in the signatures on a message?
Yes, it might be a valid hint in some cases.
What if it has no signatures but might be SPF aligned?
The existence of an SPF record is less indicative, as the protocol
suggests to publish a record for each host. Yet, in case the SPF
identifier is a parent domain, it might be a valid hint too.
The concept of Organizational Domain is still useful for receivers, as it helps
setting up reputation databases.
Sure. You get the org domain via the tree walk.
The tree walk doesn't distinguish among intermediate, organizational,
and public suffix domains.
In this respect, the PSL is also useful outside the DMARC
protocol; for example, to get the organizational domain of HELO
arguments. >
I don't immediately see the utility of the org domain of the HELO unless you're
checking SPF on a bounce, but why wouldn't you do the same tree walk?
If you don't receive so many messages, keying under organizational
domain helps reducing the size of the database, thereby increasing
per-record data.
Best
Ale
--
_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc
