On Thu, Aug 4, 2022 at 10:15 PM Douglas Foster < dougfoster.emailstanda...@gmail.com> wrote:
> Consider two names: > u...@promotions.fake.bank, where "fake.bank" is non-existent. > "promotions.fake.bank" is therefore also non-existent. > and > u...@promotion.real.bank, where "real.bank" exists, but > "promotions.real.bank" does not exist. > > We can assume that the marketing department made up the > "promotions.real.bank" name and then hired sendgrid.net or > constantcontact.net to do a mass mailing for them. The mailing is DKIM > signed with a "real.bank" signature. To complete the example, we assume > that "real.bank" has not yet published a DMARC policy, so the PSD policy > applies. > > When the PSD policy is operational, my argument is that the only thing > that matters is whether the domain exists, not whether the RFC5322.From > address exists. > > In my logic, "u...@promotion.real.bank" is exempt from the PSD NP policy > because the organization exists, and is DMARC PASS if the PSD policy allows > relaxed alignment. > > Under the current text, the message from "u...@promotion.real.bank" must > be blocked because the RFC5322.From address does not exist, even though it > passes relaxed alignment. > Please point out where the text says such a message must be blocked, because not even RFC 5322 says that. It would be rather nonsensical of us to write a document that includes a policy tag (np) that would by definition never apply if the document says that if the RFC5322.From domain does not exist, the message MUST be rejected. If we have text that says the message MUST be rejected under such conditions, that text must be corrected. It is possible, perhaps even likely, that receiving domains will refuse mail when the RFC5322.From domain does not exist, on the theory that such mail cannot be replied to and therefore should not be accepted, at which point the DMARC mechanism is not applied by the receiver, but that is beyond the scope of our work. -- *Todd Herr * | Technical Director, Standards and Ecosystem *e:* todd.h...@valimail.com *m:* 703.220.4153 This email and all data transmitted with it contains confidential and/or proprietary information intended solely for the use of individual(s) authorized to receive it. If you are not an intended and authorized recipient you are hereby notified of any use, disclosure, copying or distribution of the information included in this transmission is prohibited and may be unlawful. Please immediately notify the sender by replying to this email and then delete it from your system.
_______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
