[mail-vet-discuss] Auth-Results issues? #2 headerspec
Murray S. Kucherawy
msk at sendmail.com
Wed Apr 19 15:05:12 PDT 2006
Tony Hansen wrote:
> Unfortunately, the different authentication mechanisms are usually
> looking at totally different things. SIDF uses either or both
> smtp.mailfrom and/or header.{from,sender,resent-from,resent-sender}.
> DKIM potentially uses the entire header *and* the body. CSV uses
> smtp.{helo,ehlo}. BATV uses smtp.mailfrom.
Well the draft doesn't say you MUST combine results evaluating a common thing
onto the same line. It just says you can, especially if one agent (e.g. a
milter) is able to complete two different authentication checks using the same
input data (i.e. the same header). There's nothing wrong with generating one
header per method and result as it's currently defined.
> Also, the results produced by the different authentication mechanisms
> may generate different values, further eliminating commonality.
True, but as designed now, two different methods evaluating the same thing (e.g.
the same header) could report their results using a single A-R header or by
using one header for each result; e.g.:
Authentication-Results: example.net header.From=user at example.com;
method1=pass; method2=fail
Anyway, I'm not really arguing that your idea is a bad one, just explaining
where what's there got its origins. I'll check out the ABNF you proposed and
reply to that one shortly.
More information about the mail-vet-discuss
mailing list