ietf-smtp
[Top] [All Lists]

[ietf-smtp] RFC 8601, clarification needed

2021-05-23 05:27:31
Section 4 of RFC 8601 contains the following paragraph:

    Most known message authentication methods focus on a particular
    identifier to evaluate.  SPF differs in that it can yield a result
    based on more than one identifier; specifically, SPF can evaluate the
    RFC5321.HELO parameter or the RFC5321.MailFrom parameter.  When
    generating this field to report those results, only the parameter
    that yielded the result is included.

The final sentence is unclear to me. Suppose I’m running an SPF
component that evaluates *both* RFC5321.HELO and RFC5321.MailFrom, as
recommended by RFC 7208. I would like to record the results for both
parameters in either of the following (equivalent) forms:

1)

Authentication-Results: mail.example.org; spf=pass smtp.mailfrom=example.com
Authentication-Results: mail.example.org; spf=pass smtp.helo=mail.example.com

2)

Authentication-Results: mail.example.org;
  spf=pass smtp.helo=mail.example.com;
  spf=pass smtp.mailfrom=example.com

A subsequent component could then use these results as input to some
spam score, for example.

Are the above forms allowed? If not, why not? What requirement does the
sentence ‘When generating this field to report those results, only the
parameter that yielded the result is included.’ refer to?

Thank you!


-- 
David

_______________________________________________
ietf-smtp mailing list
ietf-smtp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf-smtp

<Prev in Thread] Current Thread [Next in Thread>