On January 25, 2022 12:46:48 AM UTC, John Levine <[email protected]> wrote:
>It appears that Scott Kitterman <[email protected]> said:
>>What I implemented is roughly:
>>
>>For policy determination, first check the From domain, if that has a DMARC
>>record, then that's the policy domain. Otherwise, tree walk up to the apex
>>looking for DMARC records. First domain you find with a record is policy
>>domain, use the policy (p=, sp=, np=) from that domain's DMARC record. This
>>matches my interpretation of dmarcbis-04.
>>
>>For org domain determination (for alignment), if any of the records retrieved
>>during the policy search have psd=y, then add one more label and that's the
>>org domain (as written). From there it's anyone's guess. Unlike John, I
>>continued down the tree and made the first match the org domain.
>
>Seems reasonable. What's the point of going more than one level below the PSD?
>Make it look more like a pure tree walk?
Yes. For consistency. You'd walk down until you hit a non-psd record or the
limit. Stopping at one more after the psd=y record is an optimization for a
relatively rare case of a PSD record. Other than that case you have to keep
going until you find a DMARC record or hit the limit, since there's no knowing
what's a PSD otherwise.
Scott K
_______________________________________________
dmarc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dmarc
