On Apr 18, 2023, at 1:11 PM, Alessandro Vesely <ves...@tana.it> wrote:
>
> Perhaps when DMARC will work smoothly, someone will find out how to tell
> legitimate rewriting from plain spoof.
>
Look up the DMARC record and begin to piggyback off this lookup:

- Check for rewrite=1 tag indicating allowance to rewrite.
- Check for asl= or atps=y signer authorization.

If the domain tells the resigner he can destroy the authorship, you now have a legitimate protocol-negotiated handshake/contract.

I prefer if there was an explicit authorization using asl= or atps=y, but an open ended rewrite=1 tag is fine, I think. It is permission the domain is giving to resigners.

— HLS
_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc
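
One reading of the check proposed in the message above, as an added example that is not from the original post or from any DMARC implementation. The `rewrite=`, `asl=` and `atps=` tags in a DMARC record are the poster's proposal, not standard DMARC tags; the example assumes `rewrite=1` is required, that `asl=` is a comma-separated list of signer domains, and that `atps=y` defers to a separate ATPS lookup that is not performed here. Function names and sample records are constructed.

```python
# Added illustration. rewrite=/asl=/atps= as DMARC tags are proposed in the
# message above; their exact syntax here is an assumption.

def parse_tags(txt):
    """Split a 'tag=value; tag=value' TXT record into a dict (first value wins)."""
    tags = {}
    for part in txt.split(";"):
        name, sep, value = part.partition("=")
        name = name.strip().lower()
        if sep and name and name not in tags:
            tags[name] = value.strip()
    return tags


def rewrite_permission(txt, resigner):
    """Decide what the author domain's record tells a resigner about rewriting."""
    tags = parse_tags(txt)
    if tags.get("v") != "DMARC1":
        return "no-record"          # not a DMARC record at all
    if tags.get("rewrite") != "1":
        return "not-permitted"      # domain never offered the permission
    resigner = resigner.lower().rstrip(".")
    asl = tags.get("asl")
    if asl is not None:
        allowed = {d.strip().lower().rstrip(".") for d in asl.split(",") if d.strip()}
        if resigner in allowed:
            return "authorized-asl"  # explicit, named authorization
    if tags.get("atps", "").lower() == "y":
        return "check-atps"          # explicit, but needs the ATPS lookup
    if asl is not None:
        return "not-authorized"      # a list exists and this signer is not on it
    return "open-rewrite"            # open-ended permission to any resigner


# Constructed sample records (example domains only).
SAMPLES = {
    "explicit": "v=DMARC1; p=reject; rewrite=1; asl=lists.example.net, ml.example.org",
    "atps": "v=DMARC1; p=reject; rewrite=1; atps=y",
    "open": "v=DMARC1; p=quarantine; rewrite=1",
    "plain": "v=DMARC1; p=reject",
}

if __name__ == "__main__":
    for label, record in SAMPLES.items():
        print(label, "->", rewrite_permission(record, "lists.example.net"))
```
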