On Sat, Feb 17, 2018 at 3:49 AM, John Levine <[email protected]> wrote:
> Seems fine, although I've long found 7601 one of the most mysterious RFCs > ever published. > Why's that? (And why wasn't this mentioned when 7601 or any of its antecedents was in last call? No errata?) > The IANA registry says that there is a dkim header.i property defined > in RFC7601, but the only place it appears in 7601 is in examples in > Appendix B. > 7601 says: DKIM results are reported using a ptype of "header". The property, however, represents one of the tags found in the DKIM-Signature header field rather than a distinct header field. So "header.d" means the d= tag, "header.i" means the i= tag, etc. Those are the only two identifiers DKIM evaluates, so they're the only ones that were ever registered. 7601bis loosens the language about what's appropriate to send downstream, from being only authenticated identifiers to also allowing other related stuff that downstream agents might want to use or log. That means things like "s" and "a" are now in play. Section 2.4 says that a "policy" property is how you report a local > policy that overrides the regular result, but I see policy=reject in > reports about DMARC where it's just copying the p= from the _dmarc > record. Is that right? If not, where if anywhere should it be > reported? > That would be "dmarc=fail policy.dmarc-rules=arc-failure", where "dmarc-rules" and "arc-failure" are things the rejecting operator is free to invent for its own records. -MSK
_______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
