Hi Florian,
I represent a platform that sends mail on behalf of our customers but we
maintain a separate 5321.From that points back to us.
We dual-sign messages using the client domain and our own domain, but these
do not align. We rely on DKIM alignment to pass a DMARC test.
Example:
5321.MailFrom: {encoded local part}@ourcompany.com
5322.FromHeader: r...@customer.com
DKIM 1: customer.com
DKIM 2: ourcompany.com
I can provide real-world samples off-list, but the gist I'm getting from
all this is that since I don't have SPF alignment, these messages will get
rejected?
Regards,
Dave
On Mon, Apr 12, 2021 at 3:39 PM Florian.Kunkel--- via mailop <
mailop@mailop.org> wrote:
> Hi Luke, *!
>
> /
> Has anyone gotten a firm answer on these scenarios yet?
> 5321.from: mailto:boun...@srv12.example.com
> 5322.from: mailto:cont...@example.com
> The vast majority of our customers will have a subdomain on the 5321 from
> that isn't present on the 5322 from. I'd like to know if this is a problem.
> \
>
> you are asking for non strict alignment? ... yes that should be ok, as
> long it's a subdomain to your domain (and not to a public suffix).
> at least I'm not jet aware of an abusive scenario so far.
>
>
> /
> I'd also like to hear confirmation that messages with 2 DKIM signatures
> will still "pass" if one matches the 5322 and one doesn't.
> \
>
> we'll love if one signature matches both from; 5321 AND 5322.
> additional valid signatures welcome, ideally matching the sending
> infrastructure.
>
> hth
>
> Florian
>
> _______________________________________________
> mailop mailing list
> mailop@mailop.org
> https://list.mailop.org/listinfo/mailop
>
_______________________________________________
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop
