On 2022-03-21 at 15:28:28 UTC-0400 (Mon, 21 Mar 2022 20:28:28 +0100) Sebastian Nielsen via mailop <sebast...@sebbe.eu> is rumored to have said:
Im talking about matching MAIL FROM (which is hidden from user, but authenticated via SPF/DKIM)
DKIM does not authenticate the MAIL FROM (envelope sender) address. It provides proof that the message body and selected headers have not changed on the transport path between the identified signer and the recipient. DKIM is strictly about the message data NOT its transport.
to the MIME FROM ("From:" header in MIME data), thus guaranteeing that the address shown in From: is also a authenticated address.
See DMARC. DMARC is how DKIM can be used to authenticate a From header address. If the From header address domain aligns to the envelope sender domain, SPF can be used to authenticate both under DMARC.
-- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses) Not Currently Available For Hire _______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
