On 30 Jan 2021, at 13:57, John R Levine wrote:
This is DMARC -- the HELO domain has to match the header From: and
there
has to be an SPF record that validates it.
True, but only if the MAIL FROM address is null and there isn’t a
valid aligned DKIM signature.
True, but I don't see why that matters.
Just confirming the context of your earlier statement.
Because that's how DMARC works. The header From has to match a DKIM
or SPF identity.
Part of the problem here is that DMARC generally sits on top of an SPF
library which doesn't tell you how it got its result. My DMARC code
just calls the SPF library and uses the result. I suppose I could put
in a hack to say don't use the SPF result if the MAIL FROM is null,
but I don't think that's what 7489 says.
Are changes to 7489 off the table here? I didn’t know.
-Jim
_______________________________________________
dmarc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dmarc
