[Top] [All Lists]

Re: [ietf-smtp] Domain names in the presence of CNAME records

2013-05-08 07:39:37

--On Tuesday, May 07, 2013 22:05 +0200 "Rolf E. Sonneveld"
<R(_dot_)E(_dot_)Sonneveld(_at_)sonnection(_dot_)nl> wrote:

The receiving server can treat the address any way it wants

Agreed, with only one remark: the receiving server that
rewrites the domainpart of RFC5321.MailFrom and/or
RFC5322.From before performing SPF and/or DKIM verification,
loses the ability to _reliably_ perform SPF and/or DKIM
verification after rewriting.

Let me say what may be the same thing a little differently.

The delivery MTA ("receiving server") pretty much has to know
all of the domains under which it will receive mail.  Certainly
that is a necessity for any sort of rewriting.  If that server
rewrites things incorrectly, or fails to account for the
side-effects of rewriting, various bad things will happen.  The
effects on signed headers or fancy attempts to match header
information with additional (non-address, non-MX) information in
the DNS (including, but not limited to SPF and DKIM) are just
some of those bad things.


ietf-smtp mailing list