Scott Kitterman wrote:
My Technical recommendation.
1) For 4871bis, we should consider relaxing the 5322.From
binding requirement from a MUST to a SHOULD. This will help
justify its new words of "separating the signer domain from
the author domain." There is no separation until the 5322.From
binding requirement is relaxed.
As discussed during the original DKIM development effort, this
is about protecting content from modification. The base DKIM spec
already doesn't treat 5322.from specially, so such a change in not
needed to meet your specified goal.
Excuse me if I don't understand your reading. 5322.From is the only
header that is required hashing. Is that not a special consideration?
I think it will serve the community interest to find out why this
large MTA vendor revised there open source software three years later
presumably after extensive field operations to include a new option to
relaxed the 5322.From binding.
Thanks for your input.
Hector Santos, CTO
NOTE WELL: This list operates according to