Re: [dmarc-ietf] same old org domain, Topic for IETF 112 - Policy Discovery

Tue, 02 Nov 2021 09:32:17 -0700 

On Mon 01/Nov/2021 21:35:07 +0100 John R Levine wrote:

On Mon, 1 Nov 2021, Alessandro Vesely wrote:

On Sun 31/Oct/2021 16:01:03 +0100 John Levine wrote:

It appears that Alessandro Vesely  <ves...@tana.it> said:
Another criterion, beside tree-walk and PSL, could be to look at the d= tag of the DKIM signatures that are aligned with the From: domain. Would that be semantically equivalent to the procedure described in the current Section 6.7.2? >>>
I don't understand what you're proposing. Are you saying to look for DMARC records at the d= domains in the signatures on a message? >> 
Yes, it might be a valid hint in some cases.


 What if it has no signatures but might be SPF aligned?
The existence of an SPF record is less indicative, as the protocol suggests to publish a record for each host.  Yet, in case the SPF identifier is a parent domain, it might be a valid hint too.
I still don't understand.  If a message has no DKIM signatures, and the sender uses SPF alignment, where do you look for _dmarc records?  A concrete example or two would be helpful.
Today I couldn't find the time to look for messages where the Return-Path: has a domain that is an ancestor of the From: domain. (Albeit I see not so many messages, I'll try and fill Scott's request[*] when time permits.)
With DKIM it's more likely to find the org domain. Mail sites that use subdomains, possibly in order to receive replies at different MXes, can still publish DKIM keys there. In that case, a receiver can try d= rather then walking the tree. 

For example:

Return-Path: <u...@sales.example.com>
Received: from mail.ny.ext.example.com (mail.ny.ext.example.com [192.0.2.4])
  [...]
DKIM-Signature: v=1; d=example.com
  [...]
From: Mr. User <u...@sales.example.com>
Subject: Isn't this quite common?


It could happen with SPF too, but I think it's unlikely.
In any case, an aligned identifier would be just a hint. If there's no DMARC record, the receiver has to walk the tree. 


Best
Ale
--

[*] https://mailarchive.ietf.org/arch/msg/dmarc/_Hoj9JrsJrZzPnjnRbsX0zRgOJg








_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc

Reply via email to