On Tuesday, July 24, 2012 03:16:53 PM Steven M Jones wrote: > On 07/24/2012 01:59 PM, Scott Kitterman wrote: > > Thanks for testing. It turns out you have to use all the letters in > > the variable name and not just most of them :-) Fixed. > > Happy to help. Understand that the following is offered solely to help > make the page more useful. > ... > I suggest you consider a little logic to omit the "rf=" tag when there's > no "ruf=" present. Same behavior whether "iodef" or "afrf" is selected, > or both together per above.
What I decided to do is emit a warning as the tag is not syntactically wrong, just useless. I did the same for ri and rua. > The values given for "rua" and "ruf" must be single addresses. > Separating with commas, spaces, or a combination of the two doesn't work. > > There's no detection of URIs entered into the "rua" or "ruf" fields. Any > string has "mailto:"; prepended, regardless of content. > > v=DMARC1; p=none; rua=mailto:mailto:[email protected]; > ruf=mailto:mailto:[email protected]; adkim=r; aspf=r; sp=reject > > v=DMARC1; p=quarantine; rua=mailto:http://dmarc.crash.com/aggreport.php; > ruf=mailto:http://dmarc.crash.com/rufreport.php; adkim=s; aspf=r; > sp=reject This is fixed now. Also for this I emit a warning as every regex I could find for detecting a valid email address warns about it's limitations. I made sure though that common separators like ",", "/", and " " all trigger the warning. I leave it to the user to decide though in case the regex has a false positive of some kind. > > When an option is the default behavior you mention it on the form, which > I like. If they click it you include it, which is no problem. Just > tempting to either omit or warn the user that it's wasting space they > may need in the record if they have a lot of or especially long rua or > ruf URIs. I did not do this. I see your point, but I can also see people wanting to be explicit. I'll thnk about it. > You might consider not setting the "ri=" value lower than 3600. Most > sites aren't going to honor anything below 86,400, which you might > mention on the form in addition to it being the default, but anybody who > does may view sub-hourly intervals as a nuisance. The ri concept seems a bit under specified at the moment. I think the spec should probably specify a floor for this value, then I could do a validity check on it. I'm not sure how much more difficult it is to send very small emails every 10 minutes versus one huge one once a day. I didn't mess with any additional warnings on this yet. Scott K _______________________________________________ dmarc-discuss mailing list [email protected] http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)
