On Sat 07/Nov/2020 10:52:44 +0100 Steven M Jones wrote:
On 11/7/20 1:11 AM, Alessandro Vesely wrote:
On Fri 06/Nov/2020 14:57:46 +0100 Todd Herr wrote:
On Fri, Nov 6, 2020 at 7:27 AM Douglas E. Foster wrote:
It makes no sense to allow "p=" missing. Why would we suggest that all
existing implementations alter their code to tolerate additional
unnecessary complexity, rather than requiring domain administrators to key
a few more characters so that code changes will not be necessary?
Are there really implementations that choke on missing p=?
How about "v=DMARC1; p=none; p=quarantine;"?
I'm pretty sure both cases would be invalid as DMARC policy records, in which
case they should be ignored.
I don't think so. The current draft says:
6. If a retrieved policy record does not contain a valid "p" tag, or
contains an "sp" tag that is not valid, then:
1. if a "rua" tag is present and contains at least one
syntactically valid reporting URI, the Mail Receiver SHOULD
act as if a record containing a valid "v" tag and "p=none"
was retrieved, and continue processing;
If an implementation is trying to do something with invalid records like
these, particularly one with multiple "p=" tags, then that would be a
problem.
Invalid or repeated p= tags are a problem, but possibly they don't completely
disqualify a record. So the question becomes "How does a missing p= tag differ
from an invalid one?"
This is a marginal question, to define the syntax of a DMARC record as simply
as possible (but not simpler). I added a comment to ticket #7[*] with a
proposed syntax. IMHO the spec should just mention undefined behavior or some
such, without trying to impose overly strict commitments —given that parsers
have to deal with the possibility of non-conforming records anyway.
This question is not related with splitting policy into its own document.
Best
Ale
--
[*] https://trac.ietf.org/trac/dmarc/ticket/7#comment:4
_______________________________________________
dmarc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dmarc
