Hello,
I am doing some research related to DMARC and I found some errors in the
RFC7489 and dmarcbis-07 for ABNF rules
- dmarc-percent RFC7489 :
The rule 'dmarc-percent = "pct" *WSP "=" *WSP 1*3DIGIT' allow '999' as a value.
a corretion could be : 'dmarc-percent = "pct" *WSP "=" *WSP ("100" / 1*2DIGIT)'
- dmarc-record RFC7489 :
The rule 'dmarc-record = dmarc-version dmarc-sep
[dmarc-request]
[dmarc-sep dmarc-srequest]
[dmarc-sep dmarc-auri]
[dmarc-sep dmarc-furi]
[dmarc-sep dmarc-adkim]
[dmarc-sep dmarc-aspf]
[dmarc-sep dmarc-ainterval]
[dmarc-sep dmarc-fo]
[dmarc-sep dmarc-rfmt]
[dmarc-sep dmarc-percent]
[dmarc-sep]'
have dmarc-request as optional but in 6.3 it says that p is "required"
Then i did take a look at draft-ietf-dmarc-dmarcbis-07 and the problem is still
there :
- dmarc-record dmarcbis-07 !
'darc-record = dmarc-version dmarc-sep *(dmarc-tag dmarc-sep)
dmarc-tag = dmarc-request /
dmarc-test /
dmarc-psd /
dmarc-sprequest /
dmarc-nprequest /
dmarc-adkim /
dmarc-aspf /
dmarc-auri /
dmarc-furi /
dmarc-fo /
dmarc-rfm'
Should be replaced by :
'dmarc-record = dmarc-version dmarc-sep dmarc-request dmarc-sep *(dmarc-tag
dmarc-sep)
dmarc-tag = dmarc-test /
dmarc-psd /
dmarc-sprequest /
dmarc-nprequest /
dmarc-adkim /
dmarc-aspf /
dmarc-auri /
dmarc-furi /
dmarc-fo /
dmarc-rfm'
Moreover, On rfc7489 the last "dmarc-sep" is optional meaning that for all txt
records
such as the one for gmail.com"v=DMARC1; p=none; sp=quarantine;
rua=mailto:mailauth-repo...@google.com" the system administrator must
add a ";" at the end. To avoid this source of error i suggest to change
the ABNF as :
dmarc-record = dmarc-version dmarc-sep dmarc-request *( dmarc-sep
dmarc-tag ) [ dmarc-sep ]
- dmarc-fo dmarcbis-07 :
the rule ' dmarc-fo = "fo" *WSP "=" *WSP ( "0" / "1" / ( "d" / "s" / "d:s" /
"s:d" ) )' does not allow the user to have both DMARC failure report
and DKIM/SPF failure report at the same time as '0:d', '1:d' is not allowed.
Best regards,
Olivier HUREAU
---
PhD Student
Laboratoire Informatique Grenoble - UGA - Drakkar
_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc