On Fri, Apr 08, 2016 at 05:16:00PM +0200, David Schweikert wrote:
> > It may also be helpful to explain that the "domain" for which the
> > STS client is doing policy lookup is not necessarily the domain
> > part of the recipient address(es) in the message envelope. While
> > these are typically the same, in some cases the nexthop domain may
> > be a "smarthost" relay or a manually configured nexthop for a set
> > of designated recipient domains.
>
> I don't understand this: why would the STS client do a policy lookup not
> on the recipient address? I understand that you can have a different
> nexthop specified in your transport map, but why look that up instead of
> the recipient address domain?

Because STS is *transport* policy. Not end-to-end policy. Given
that you expected otherwise, this definitely needs to be explained.
Just because email is ultimately going to, say, Gmail, if my nexthop
relay is some corporate outbound smarthost, the relevant STS policy
is for that relay, not the destination domain.
--
Viktor.
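The nexthop-versus-recipient distinction discussed in this thread, as an added example that is not part of the original messages or of the STS draft: it picks the domain whose STS policy a sending MTA would look up. The transport-map syntax is an assumption modelled on Postfix transport tables, and the function names and relay hostnames are constructed.

```python
# Added example: choose the domain whose STS (transport) policy applies.
# Assumption: a Postfix-style transport map, "transport:nexthop", where the
# nexthop may be written as host, host:port, [host] or [host]:port.

def nexthop_domain(nexthop: str) -> str:
    """Strip [..] brackets and an optional :port from a nexthop spec."""
    host = nexthop.strip()
    if host.startswith("["):
        host = host[1:host.index("]")]
    elif ":" in host:
        host = host.rsplit(":", 1)[0]
    return host.lower().rstrip(".")

def sts_policy_domain(recipient: str, transport_map: dict) -> str:
    """Return the domain to use for the STS policy lookup for one recipient."""
    rcpt_domain = recipient.rsplit("@", 1)[1].lower().rstrip(".")
    # Lookup order: exact domain, parent domains (".example.com"), then "*".
    labels = rcpt_domain.split(".")
    keys = [rcpt_domain]
    keys += ["." + ".".join(labels[i:]) for i in range(1, len(labels))]
    keys.append("*")
    for key in keys:
        entry = transport_map.get(key)
        if entry is None:
            continue
        _transport, _, nexthop = entry.partition(":")
        if nexthop:
            # A configured relay: the policy is the relay's, not the recipient's.
            return nexthop_domain(nexthop)
        break  # transport only, no nexthop override
    # No override: the nexthop is the recipient domain itself.
    return rcpt_domain

# Constructed sample configuration: one partner gateway, everything else
# through a corporate outbound smarthost.
TRANSPORT_MAP = {
    "partner.example": "smtp:relay.partner-gw.example",
    "*": "smtp:[smarthost.corp.example]:587",
}

if __name__ == "__main__":
    for rcpt in ("user@gmail.com", "bob@partner.example"):
        print(rcpt, "->", sts_policy_domain(rcpt, TRANSPORT_MAP))
    print("user@gmail.com (no map) ->", sts_policy_domain("user@gmail.com", {}))
```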