On 10/17/2017 05:04 PM, Grant Taylor via Mailman-Users wrote: > On 10/17/2017 05:07 PM, Mark Sapiro wrote: > > My brain is failing to translate "corresponding organizational domains" > to "sub-domains" properly and what that means for strict vs relaxed.
In another thread on mailman-developers, I discussed organizational domains with Lindsay, so I assumed he knew. In summary, every domain has a corresponding organizational domains which may be the same or a "super" domain. In short, the organizational domain is the domain that might be found in whois. For "common" tlds like .com, .org, net, .edu, etc. the organizational domain is the top two levels. E.g. the organizational domain for some.sub.domain.example.com is example.com, but it's much more complicated than that. See <https://publicsuffix.org/list/> if you want to know more. >> So the bottom line is as an "unaffiliated" relay without munging From:, >> SPF will never pass for DMARC and DKIM will only pass if you don't >> transform the message in ways that break the From: domain's DKIM >> signature. > > I assume that you're talking about the SMTP envelope from and not the > From: header. No. I could have slipped, but when I write From: domain, I mean the domain of the address in the From: header (That's what DMARC is all about - verifying that the message actually came from the domain of the address in the From: header). If I mean the domain of the envelope from, I try to use that phrase, but in the context of DMARC that domain is only relevant for SPF and only if it "aligns" with the From: domain. -- Mark Sapiro <m...@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan ------------------------------------------------------ Mailman-Users mailing list Mailman-Users@python.org https://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-users/archive%40jab.org
