[Top] [All Lists]

Re: [ietf-smtp] Error in RFC 5321 concerning SPF and DKIM

2014-07-20 13:47:10
On Sun, 20 Jul 2014 12:37:25 -0400, Dave Crocker said:

Simply put:

     RFC 5321 has some text about SPF and DKIM that is
     simply wrong.

     Given the continuing community confusion about what
     SPF and DKIM do and do not do, I think that having
     the SMTP document perpetuate erroneous views is
     significantly problematic.

You are correct, neither of the methods cited in the offending sentence
in the RFC actually *validate* the return address as a usable destination
for a bounce message.  They may make assertions about "that source is
authorized to send mail with that purported address", or "that mail in fact
came from us", but those are subtly different than "Return-Path: is valid and
may be used as a destination".  And out in real life, there are actual spammers
taking widespread advantage of the salami-slicing possible between the
subtle distinction.

As such, yes, the entire sentence should be heaved over the side.

Attachment: pgpqG1Lmln5GH.pgp
Description: PGP signature

ietf-smtp mailing list
<Prev in Thread] Current Thread [Next in Thread>