On Mon 04/Apr/2022 15:29:40 +0200 Scott Kitterman wrote:
The diff is relative the last text I posted.
Section 5 has to stay before Section 4. It makes no sense to exemplify
_dmarc.example.com if we haven't yet said that:
Domain Owner and PSO DMARC preferences are stored as DNS TXT records
in subdomains named "_dmarc".
[Current Section 5.1]
Then, let's make a statement like so:
Retrieving the DMARC record of a domain implies the following steps:
1. Prepend the label "_dmarc" to the domain name and issue a DNS Query for
a TXT record at the resulting domain. For example, if the domain is
example.com, query _dmarc.example.com.
2. Collate any string returned, in the order returned.
3. Records that do not start with a "v=" tag that identifies the
current version of DMARC are discarded. If multiple DMARC
records are returned, they are all discarded.
At this point, the algorithm can be expressed in a shorter form like so:
1. Set the current target to the identifier at hand, which is one of the
domain(s) described above.
2. Retrieve the DMARC record of the current target.
3. If the record exists and contains either psd=y or psd=n, stop.
4. Break the current target name into a set of "n" ordered
labels. Number these labels from right to left; e.g., for
"a.mail.example.com", "com" would be label 1, "example" would be
label 2, "mail.example.com" would be label 3, and so forth.
5. Count the number of labels in the current target. Let that number
be "x". If x = 1, stop. If x < 5, remove the left-most (highest-
numbered) label from the subject domain. If x >= 5, remove the
left-most (highest-numbered) labels from the subject domain until
4 labels remain. The resulting DNS domain name is the new target
for subsequent lookups.
6. Go to 2.
Better?
Best
Ale
--
_______________________________________________
dmarc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dmarc
