[dmarc-discuss] please clarify
roland.turner at trustsphere.com
Tue Apr 5 00:39:32 PDT 2016
A. Schulze wrote:
> I have a question about DMARC alignments.
> the usual case:
> - RFC5322.From: sub.example.com
> - DKIM or SPF authentication identifier: example.com
> -> this is aligned in relax mode.
> - RFC5322.From: example.com
> - DKIM or SPF authentication identifier: sub.example.com
> Is this a relax alignment?
> At least https://tools.ietf.org/html/rfc7489#section-10.4 suggest it is.
Yes. In all of the cases above, the Organizational Domain for both RFC5322.From and the DKIM/SPF authentication is example.com, consequently they match in relaxed mode. The same would be true for:
- RFC5322.From: a.example.com
- DKIM or SPF authentication identifier: b.example.com
Consideration 10.4 is exactly about what happens when independent and/or potentially hostile parties have control of sub-domains.
More information about the dmarc-discuss