----- Original Message ----- > From: "Stephen Nightingale" <[email protected]> > To: [email protected] > Sent: Thursday, September 17, 2015 7:48:03 AM > Subject: [dmarc-ietf] Forensic Reports > > > I have been looking at Forensic Report generation and I note that the > specification points to a number of different sources: > > - rfc7489 DMARC points to rfc6591 AFRF, plus DMARC additions in section > 7.3.1 > - 6591 specifies additions to the Abuse Reporting Format, rfc5965. > - rfc5965 ARF lightly references rfc3462, the Multipart/Report content type. > > I am teasing this out to generate actual reports. Re-ordering the > evolving spec elements gives: > > - rfc3462 Multipart/Report > - modified by rfc5965 Abuse Reporting Format > - modified by rfc6591 Authentication Failure Reporting Format using ARF > - with the addition of rfc6651 AFRF-DKIM > - and rfc6652 AFRF-SPF > - modified by rfc7489 DMARC, section 7.3.1. > > Is there an updated and clarified public spec somewhere, along similar > lines? Would it be useful to create such a spec, and possibly include it > as an appendix to any future update to rfc7489? I am willing to pull > this together if this would be a useful contribution.
We like to call them now "Failure Reports" because "forensic" gets the Snowden alarm on.... You may want to look at this code: https://github.com/linkedin/dmarc-msys/blob/master/dmarc.lua#L440 _______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
