> -----Original Message----- > From: [email protected] [mailto:[email protected]] On Behalf Of Scott > Kitterman > Sent: Friday, February 10, 2012 4:16 AM > To: [email protected] > Subject: Re: [marf] I-D Action: draft-ietf-marf-as-07.txt > > Allesandro provided a scenario that I think is reasonable. If you add: > > (i.e. a message with DKIM pass for the same domain) > > at the end and change "expected to fail" to "not definitive" I think > I'm good.
Slightly different, and assuming I got your proposal right: Similarly, if a report generator applies SPF to arriving messages, and that evaluation produced something other than a "Pass", "None" or "Neutral" result, a report addressed to the RFC5321.MailFrom domain SHOULD NOT be generated as it might be a forgery and thus not actionable. A valid exception would be specific knowledge that the SPF result is not definitive for that domain under those circumstances (e.g., a message that is also DKIM-signed by the same domain, and that signature validates). That work? -MSK _______________________________________________ marf mailing list [email protected] https://www.ietf.org/mailman/listinfo/marf
