In section 4.8. Organizational Domain Discovery, we have:
Note: There is no need to perform Tree Walk searches for
Organizational Domains under any of the following conditions:
...
* There is no SPF pass result and no DKIM pass result for the
message. In this case, there can be no DMARC pass result, and so
the Organizational Domain of any domain is not required to be
discovered.
---
We would still want to find a record to know who to send failure
reports to no? And this would involve some sort of tree walk if the
MAIL FROM doesn't have a record. Should it be changed to something it
like:
* There is a DMARC record at the RFC5321.MailFrom domain and there
is no SPF pass result and no DKIM pass result for the
message. In this case, there can be no DMARC pass result, and so
the Organizational Domain of any domain is not required to be
discovered.
_______________________________________________
dmarc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dmarc
