After studying authentication mechanisms available to prevent e-mail spoofing, still I don’t understand how to choose between the relaxed alignment and the strict alignment in DMARC for SPF and DKIM, apart from parent/child domain considerations. I did not find useful information in RFC 7489 on an eventual weakness of the relaxed alignment. Though I understand perfectly how these 2 alignments work, my questions are:
- Is it bad to use a relaxed alignment compared to the strict alignment?
- Are there any weaknesses when using the relaxed alignment with SPF, DKIM, or both?