On Mon 03/Jun/2024 15:33:16 +0200 ar wrote:
On 03.06.2024 at 14:46, Scott Kitterman wrote:

I think that the current language is accurate, given what RFC 7208 says.  I think people who are going to misread RFC 7208 are going to misread it no matter what we say here, so we should move on.

I think the DMARCbis draft does conflate the terms "MAIL FROM identity" and "RFC5321.MailFrom".

Section 4.4.2 of the draft says that "the domain used in the MAIL FROM identity, which will also be the RFC5321.MailFrom domain in the email message, is the Authenticated Identifier". The second half of that will be false in the case of a null sender.

It appears to me that that sentence in the draft is intended to specify only that one must not validate the HELO in the case of a non-null sender, as is RECOMMENDED in section 2.3 of RFC7208.

I think it would be clearer to explicitly cite section 2.4 of RFC7208 in section 4.4.2, while removing the aforementioned passage. Perhaps something like:

Before:
If the authorization is validated, the domain used in the MAIL FROM identity, which will also be the RFC5321.MailFrom domain in the email message, is the Authenticated Identifier.

After:
If the authorization is validated, the domain used in the MAIL FROM identity as defined in section 2.4 of [RFC7208] is the Authenticated Identifier.


+1, good catch.


Best
Ale
--
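The distinction discussed in this thread, as an added example that is not part of any of the messages or of the DMARCbis draft: a Python sketch of how the "MAIL FROM" identity of RFC 7208 section 2.4 is derived, showing that for a null sender it no longer matches the RFC5321.MailFrom domain. The function names, the `SpfIdentity` type and the sample envelopes are constructed for illustration; only strict alignment is shown, since relaxed alignment needs an organizational-domain lookup.

```python
from typing import NamedTuple, Optional


class SpfIdentity(NamedTuple):
    rfc5321_mailfrom_domain: Optional[str]  # domain literally present in MAIL FROM:<...>
    mail_from_identity: str                 # identity SPF checks (RFC 7208 section 2.4)
    authenticated_identifier: str           # domain DMARC would take from an SPF pass


def spf_mail_from_identity(reverse_path: str, helo: str) -> SpfIdentity:
    """Derive the SPF "MAIL FROM" identity from the SMTP envelope.

    reverse_path is the MAIL FROM argument ("<>" or "" for a null sender,
    as used by bounces); helo is the HELO/EHLO name the client presented.
    """
    path = reverse_path.strip().strip("<>")
    helo = helo.strip().rstrip(".").lower()
    if not path:
        # Null reverse-path: the identity is postmaster@<HELO domain>,
        # so there is no RFC5321.MailFrom domain to speak of.
        return SpfIdentity(None, f"postmaster@{helo}", helo)
    local, sep, domain = path.rpartition("@")
    domain = domain.rstrip(".").lower()
    if not sep or not local:
        # No local-part: RFC 7208 substitutes "postmaster".
        local = "postmaster"
    return SpfIdentity(domain, f"{local}@{domain}", domain)


def strictly_aligned(identity: SpfIdentity, header_from_domain: str) -> bool:
    """DMARC strict alignment: exact, case-insensitive domain match."""
    return identity.authenticated_identifier == header_from_domain.rstrip(".").lower()


if __name__ == "__main__":
    # Constructed envelopes: (MAIL FROM argument, HELO name, RFC5322.From domain)
    samples = [
        ("<bounce+42@mail.example.org>", "mta1.example.net", "mail.example.org"),
        ("<>", "mta1.example.net", "mta1.example.net"),  # bounce / DSN
        ("<>", "mta1.example.net", "example.net"),       # differs from HELO name
    ]
    for reverse_path, helo, from_domain in samples:
        ident = spf_mail_from_identity(reverse_path, helo)
        print(reverse_path, ident, "strict-aligned:", strictly_aligned(ident, from_domain))
```
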




