Hacker News new | past | comments | ask | show | jobs | submit login

It needs to say something like Reply To MUST match From, if not the email client MUST display a visual representation

I don't see that kind of thing in an RFC anywhere though?




I think the "problem" shown in this article is when Gmail shows the "via" text when the From domain is different to the signature header.

It's very common to have From addresses different to Reply To; a contact form for example should do this.


DMARC RFC says something along those lines (Identifier Alignment).

With DKIM anyone can sign the email, its up to the verifier to decide who to trust and how to represent that. DMARC formalises who you should trust (i.e. the domain key for the sender).

p.s. It seems you can click on the "via" in gmail and it gives you some (rubbish and borderline misleading) information.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: