Franck Martin <[email protected]> responds to my suggestion for text for 4.1:
>> [SPF], which authenticates: >> - the domain found in an [SMTP] HELO or EHLO command >> (the "HELO result"), and/or >> - the domain found in an [SMTP] MAIL command, or the domain >> found in the HELO/EHLO command if the MAIL command has a >> null path (the "MAIL FROM" result). >> It is not specified whether DMARC uses the "HELO result" >> or the "MAIL FROM result"; implementations differ. > Your text is clearer but replace the last sentence by: > DMARC uses the MAIL FROM result. > > If you look Terri's, my implementation, which is used at > least by another large ISP, and Tim's conformance tests, > that were used for much code out there. Then I can say DMARC > uses the MAIL from result today. I cannot speak for everyone, > but this is what I feel is true out there. > > I have not seen any evidence that DMARC uses the HELO result, > so your implementation differ is conjecture. Not quite conjecture; it's based on Murray writing, a few days ago: MK> I can say that OpenDMARC consumes the Authentication-Results MK> field, or the Received-SPF field if the former isn't there, MK> but it prefers a result based on MAIL FROM over one based on MK> HELO if both are present. But it will use both. Perhaps I misunderstood him? I certainly have no objection to Scott's text, which he proposed in another message, assuming it is correct, which I certainly don't feel qualified to comment on. My efforts have been aimed at making things clear - whether they are correct has to be someone else's call! ;-) Anne. -- Ms. Anne Bennett, Senior Sysadmin, ENCS, Concordia University, Montreal H3G 1M8 [email protected] +1 514 848-2424 x2285 _______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
