[Top] [All Lists]

Re: [ietf-smtp] Error in RFC 5321 concerning SPF and DKIM

2014-09-23 16:28:52

On Sep 14, 2014, at 2:57 AM, Frank Ellermann 
<hmdmhdfmhdjmzdtjmzdtzktdkztdjz(_at_)gmail(_dot_)com> wrote:

I think any reference to DKIM better belongs to a hypothetical 5322bis.
Whatever it does, it's not related to the envelope.

Makes sense, that's how SPF + DKIM were designed.  SPF for SMTP
+ DNS + Return-Path, DKIM not depending on SMTP for full message
header lines including a From:.

I agree some reference to SPF would make sense (for the purposes
of Dave's erratum though I think removing the sentence in question
is the best solution).

Not mentioning SPF would be odd, after all its "FAIL" feature fixes a
serious 2821-SMTP issue.  It could go into the security considerations.

Dear Frank,

SPF -all assertion caused erroneous message handling (~ few percent) generally 
leading to the assertion being ignored on received email unless accepted but 
bounced for other policy reasons.  IMHO, this failure caused DMARC to require 
combined failures of DKIM and SPF as a rejection basis.  As such, DMARC needs 
to recommend against SPF only rejection.  Attempts to defined this separately 
could lead to contradictions.

Douglas Otis
ietf-smtp mailing list

<Prev in Thread] Current Thread [Next in Thread>