On Tuesday, July 24, 2012 04:57:44 PM Paul Kincaid-Smith wrote: > During interop testing last week, we discovered that some DMARC > verifiers mistakenly sent reports to unauthorized 3rd party domains. > For example, if I'm publishing a DMARC record for sendgrid.org , but I > want reports to be sent to a sendgrid.com address, some additional DNS > TXT records must be published. See the (sometimes overlooked) sections > 15.6 and 8.2 of the spec, which explain how to properly authorize a > 3rd party (external) domain to receive reports. > > Please extend your assistant to detect when the domains in the rua or > ruf fields differ from the main domain, and show users how to set up > additional TXT records as per section 8.2.
That shouldn't be too hard to do. I'll put it on my list. Also, I've added some email address validation code for ruf and fua addresses based on the earlier feedback. There's still more input validation to do though. Scott K _______________________________________________ dmarc-discuss mailing list [email protected] http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)
