On Oct 18, 2023, at 7:24 AM, Todd Herr <todd.herr=40valimail....@dmarc.ietf.org> wrote:
Why do we need to support relaxed alignment at all?
A common use case for relaxed alignment is when an organization (e.g., WeSellStuff) employs a third party Email Service Provider (e.g., WeSendEmail) to send mail on the organization's behalf. In that case, we might have the following:
The above configuration allows for WeSendEmail to manage the SPF record for bounces.wesellstuff.com and for an MX record for bounces.wesellstuff.com to be pointed at WeSendEmail, so that they can handle bounce processing and other Delivery Status Notifications. It also allows for WeSendEmail to DKIM sign on behalf of WeSellStuff using a dedicated subdomain that is delegated to WeSendEmail, which can publish the public key in DNS and generate the private key and keep it private to use for signing mail it sends.
Meanwhile, WeSellStuff only has to delegate responsibility for those parts of the DNS that are specific to WeSendEmail's sending to WeSendEmail.
Yes, strict alignment would be *very* disruptive to a LOT of senders. |
_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc
