Thanks for the question. At this stage, we don't have an answer for this, since DKIM2 isn't finalised, however I would suggest that something like SRS for the return address would work if that's how you wanted to handle the return-path.
However - there is no requirement that the return-path generation be the same across different sites, which is why it doesn't need to be standardised, you can do whatever works for your architecture, so long as you create an address which is aligned with the domain you're using to sign. It could be just a single address for all emails and parse the signatures on the DSN to determine what to do, or you could generate a unique address per message and do a database lookup to decide how to handle it. Entirely up to you! Regards, Bron. On Mon, Nov 3, 2025, at 11:11, [email protected] wrote: > Hi there, > > I have a question about DKIM2. > > I understand that DKIM2 requires forwarders to rewrite the Envelope-From. > In other words, I think something like SRS (Sender Rewrite Scheme) would be > required. > Is that correct? > If so, since SRS is not standardized as an RFC, what spec should we follow? > > Regards, > > -- > Internet Initiative Japan Inc. > Tabata Shintaro <[email protected]> > > > _______________________________________________ > Ietf-dkim mailing list -- [email protected] > To unsubscribe send an email to [email protected] > -- Bron Gondwana, CEO, Fastmail Pty Ltd / Fastmail US LLC [email protected]
_______________________________________________ Ietf-dkim mailing list -- [email protected] To unsubscribe send an email to [email protected]
