Greetings. This is a companion thread to the "Let's Work on the Tree Walk Text" thread that I started on February 16.
The goal of this thread is to come up with a new revision of section 4.6 of dmarcbis that better captures current group thinking on what the process for discovery of the Organizational Domain should be. In dmarcbis-05, that process involved a reverse tree walk. Current text follows. ------------------------------------------- cut here ---------------------------------------------- 4.6. <https://www.ietf.org/archive/id/draft-ietf-dmarc-dmarcbis-05.html#section-4.6>Determining the Organizational Domain <https://www.ietf.org/archive/id/draft-ietf-dmarc-dmarcbis-05.html#name-determining-the-organizatio> For any email message, the Organizational Domain of the RFC5322.From domain is determined by performing a DNS Tree Walk in the reverse order described in Section 4.5 <https://www.ietf.org/archive/id/draft-ietf-dmarc-dmarcbis-05.html#dns-tree-walk>. The target of the search is a valid DMARC record that contains a psd tag with a value of 'y'. Once such a record has been found, the Organizational Domain is the target domain that would be queried in the next step in this reverse tree walk. If the first DMARC record returned does not contain a psd tag with a value of 'y', that domain is the Organizational Domain. If the maxmimum depth of the reverse DNS Tree Walk is reached without a DMARC record being located, the RFC5322.From domain is the Organziational Domain. For example, given the RFC5322.From domain "a.mail.example.com", a series of DNS queries for DMARC records would be executed starting with "_dmarc.com" and potentially finishing with "_dmarc.a.mail.example.com". If the "_ dmarc.com" record contains a psd tag with a value of 'y', then the Organizational Domain for this RFC5322.From domain would be determined to be "example.com", the domain of the DMARC query executed after the query for "_dmarc.com". <https://www.ietf.org/archive/id/draft-ietf-dmarc-dmarcbis-05.html#section-4.6-2> Note: If no applicable DMARC policy is discovered for the RFC5322.From domain during the first tree walk, then there is no need to search for an Organizational Domain, as the DMARC mechanism does not apply to the message in question. ------------------------------------------- cut here ---------------------------------------------- -- *Todd Herr * | Technical Director, Standards and Ecosystem *e:* [email protected] *m:* 703.220.4153 This email and all data transmitted with it contains confidential and/or proprietary information intended solely for the use of individual(s) authorized to receive it. If you are not an intended and authorized recipient you are hereby notified of any use, disclosure, copying or distribution of the information included in this transmission is prohibited and may be unlawful. Please immediately notify the sender by replying to this email and then delete it from your system.
_______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
