Your documentation looks great, that's nice of you to have clarified many points for people who might be lost.
If I may, there are a few approximations and false statements though, notably in your description / understanding of DKIM.
DKIM does not enforce in any way Envelope MAIL FROM should match the From header.
In fact, DKIM is a signing system enabled on an authorized sender MTA for a domain name, designed to authenticate the contents of an email (and part of its headers). When an mail server handles an email for a a domain it has signing domain keys for, it will add a new DKIM-Signature header, which will allow a receiving MTA to confirm some parts of the email are authentic and have not been tampered with (usually including the From header).
Hi,
Your documentation looks great, that's nice of you to have clarified many points for people who might be lost. If I may, there are a few approximations and false statements though, notably in your description / understanding of DKIM.
DKIM does not enforce in any way Envelope
MAIL FROM
should match theFrom
header.In fact, DKIM is a signing system enabled on an authorized sender MTA for a domain name, designed to authenticate the contents of an email (and part of its headers). When an mail server handles an email for a a domain it has signing domain keys for, it will add a new
DKIM-Signature
header, which will allow a receiving MTA to confirm some parts of the email are authentic and have not been tampered with (usually including the From header).Cheers