<div dir="ltr">Trever,<div><br></div><div>I use Postfix rather than sendmail, but it sounds like this is an issue that can be handled what postfix calls canonical maps. However, I cannot recall if the headers are correctly updated, but I think they are. I do not recall seeing problems with DKIM or SPF when used with canonical maps, but I could be wrong. It happens all the time. Just ask my wife. </div>
<div><br></div><div><br></div></div><div class="gmail_extra"><br><br><div class="gmail_quote">On Wed, May 7, 2014 at 5:35 AM, Mark Sapiro <span dir="ltr"><<a href="mailto:mark@msapiro.net" target="_blank">mark@msapiro.net</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div class="">On 05/06/2014 08:03 PM, Furnish, Trever G wrote:<br>
> Hi, Mark. It's not breaking dkim, it's violating the receiver's implementation of SPF, which appears to be looking not just at the envelope header, but also at message headers -- I wonder whether this means they have actually implemented SenderID rather than SPF.<br>
<br>
<br>
</div>If the message is DKIM signed by the domain of the address in From:, it<br>
should pass DMARC as long as the signature is valid.<br>
<br>
The tests are:<br>
Is there a valid DKIM signature with a d= domain that "aligns" (a DMARC<br>
technical term) with the domain of the From: address<br>
<br>
or<br>
<br>
Does the server pass SPF and does the domain of the envelope sender (the<br>
SPF domain) "align" with that of the From: header.<br>
<br>
Forwarding will break SPF alignment, but if there is an original DKIM<br>
sig and it is valid, the message should still pass DMARC.<br>
<br>
See the spec at<br>
<<a href="https://datatracker.ietf.org/doc/draft-kucherawy-dmarc-base/" target="_blank">https://datatracker.ietf.org/doc/draft-kucherawy-dmarc-base/</a>> and lots<br>
of descriptive info at <<a href="http://www.dmarc.org/" target="_blank">http://www.dmarc.org/</a>><br>
<div class="HOEnZb"><div class="h5"><br>
--<br>
Mark Sapiro <<a href="mailto:mark@msapiro.net">mark@msapiro.net</a>> The highway is for gamblers,<br>
San Francisco Bay Area, California better use your sense - B. Dylan<br>
--<br>
MailScanner mailing list<br>
<a href="mailto:mailscanner@lists.mailscanner.info">mailscanner@lists.mailscanner.info</a><br>
<a href="http://lists.mailscanner.info/mailman/listinfo/mailscanner" target="_blank">http://lists.mailscanner.info/mailman/listinfo/mailscanner</a><br>
<br>
Before posting, read <a href="http://wiki.mailscanner.info/posting" target="_blank">http://wiki.mailscanner.info/posting</a><br>
<br>
Support MailScanner development - buy the book off the website!<br>
</div></div></blockquote></div><br><br clear="all"><div><br></div>-- <br><div dir="ltr"><div><div><br>--<br></div>Jerry Benton<br></div>Mailborder Systems<br><a href="http://www.mailborder.com" target="_blank">www.mailborder.com</a><br>
</div>
</div>