Several differences:
I am not worried about From authentication of ESP messages because I have
concluded that the major ESPs can be trusted to authenticate their
clients. The client might be malicious, but the identity will not be
forged.
Along the same lines, ESPs are not doing forwarding so I
> On Jun 7, 2024, at 1:14 AM, Richard Clayton wrote:
>
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> In message il.com>, Douglas Foster writes
>
>> Google applies annotation signatures from ..
>> gappsstmpt.com, with periods replaced in the domain name.
>> Microsoft applies proxy s
I have 1603 messages from google.com servers that are not signed by the
>From domain. These are all domains other than Gmail.
All but 18 messages are proxy signed with a d= of the form
{domain}.{digits}.gappssmtp.com. At least some of the exceptions are known
to be forwarded messages where a pro
On Fri, Jun 7, 2024 at 1:14 AM Richard Clayton
wrote:
> >Is this worth standardizing as a best practice (in a future document)?
>
> Since the WG declined to provide an indicator for "ignore SPF when there
> is a valid aligned DKIM signature" I doubt this has much chance of
> widespread approval,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
In message , Douglas Foster writes
>Google applies annotation signatures from ..
>gappsstmpt.com, with periods replaced in the domain name.
>Microsoft applies proxy signatures from .onmicrosoft.com
pretty much every ESP adds a DKIM signature of thei