> On Jun 7, 2024, at 1:14 AM, Richard Clayton <rich...@highwayman.com> wrote:
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> In message <cah48zfwlkz_cryjtf0r5wc1c12-x_xtakesxu2rzszma3xo...@mail.gma
> il.com>, Douglas Foster <dougfoster.emailstanda...@gmail.com> writes
>
>> Google applies annotation signatures from <domainname>.<digits>.
>> gappsstmpt.com, with periods replaced in the domain name.
>> Microsoft applies proxy signatures from <domainfragment>.onmicrosoft.com
>
> pretty much every ESP adds a DKIM signature of their own ... it will not
> in general be aligned, but the DMARC reports will provide useful info.
Yes, there’s almost always a default signature signed by a domain owned by the
ESP.
I think that’s this practice was started, in part, to ensure getting
successfully on all the feedback loops. Now obviously you can add a second
signature signed with your own domain. With many of the larger ESP’s, as we
likely all know already, aligned SPF isn’t an option. You can DKIM sign but you
have to leave the envelope from to the ESP.
Neil
_______________________________________________
dmarc mailing list -- dmarc@ietf.org
To unsubscribe send an email to dmarc-le...@ietf.org
