From: nunojsilva@invalid.invalid   
      
   On 2025-10-11, Adam H. Kerman wrote:   
      
   > Barryedwin1  wrote:   
   >   
   >>>. . .   
   >   
   >>Yes, that was my problem too.   
   >>DKIM on my ISP's email server, requires the email sender's 'From'   
   >>address to agree with the email user's email identity for authentication   
   >>(claims all other 'From' usage is 'spoofing', even though it is my real   
   >>gmail address.   
   >>If I want too, I can get the ISP to accept the gmail sender-address, by   
   >>dancing through hoops with gmail to authenticate that usage for the   
   >>local ISP, which involves some sort of permit-token for the local ISP's   
   >>email server (presumably within DKIM), but as I can just switch to the   
   >>SeaMonkey browser to send gmail messages, I haven't bothered. HTH   
   >   
   > It's not within DKIM. DKIM comes after From has been set.   
   >   
   > In my case, I authenticate, then can use any From address I like, even   
   > from a foreign domain. That does not mean the message will be delivered.   
   >   
   > For instance, a friend I do business with will send me email via his   
   > ISP's MX but with the domain he controls on From. My MX rejects it   
   > because the TXT record associated with the domain he controls is set to   
   > strict and not loose. That's an instruction to everyone else that if the   
   > message with that domain on From isn't sent via the the domain's default   
   > MX to reject the connection.   
      
   The initial section of the English Wikipedia article on SPF [1]   
   indicates that SPF validation would (should?) look at *Envelope* From,   
   not the header "From:"?   
      
   [1] https://enwp.org/Sender_Policy_Framework   
      
   Or is this something servers often mishandle?   
      
   > We don't even get to the point of validating DKIM.   
      
      
   --   
   Nuno Silva   
      
   --- SoupGate-Win32 v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)