[dmarc-discuss] please clarify

A. Schulze sca at andreasschulze.de
Tue Apr 5 00:55:42 PDT 2016

Roland Turner via dmarc-discuss:

> Yes. In all of the cases above, the Organizational Domain for both  
> RFC5322.From and the DKIM/SPF authentication is example.com,  
> consequently they match in relaxed mode. The same would be true for:
> - RFC5322.From: a.example.com
> - DKIM or SPF authentication identifier: b.example.com
> Consideration 10.4 is exactly about what happens when independent  
> and/or potentially hostile parties have control of sub-domains.

Thanks. That was new to me.
Why was DMARC defined in that way?


More information about the dmarc-discuss mailing list