On 03/29/2017 09:12 AM, William Herrin wrote:
Both SPF and DKIM are meant to be checked against the domain in the envelope sender (SMTP protocol-level return address) which the NANOG list sets to [email protected]. Checking against the message header "from" address is an incorrect implementation which will break essentially all mailing lists.
That may be what the original intent was.Every SPF implementation I've seen has checked the SMTP envelope FROM address /and/ the RFC 822 From: header address.
Granted, that does not mean that it's the correct behavior. -- Grant. . . . unix || die
smime.p7s
Description: S/MIME Cryptographic Signature
