Hi,
> dmarc-record = dmarc-version dmarc-sep *(dmarc-tag dmarc-sep)
The problem there is the dmarc-sep must be present at the end. Indeed,
as defined in RFC7489 it is not mandatory and a lot of current existing
DMARC records do not ends with dmarc-sep : 74.05% of the valid DMARC
records I found on the top 5m domain list tranco.Even if i don't like
taking GAFAM as an example, look at google's dmarc.
If i remember well, it already has been discuss in April.
As it, I propose this rule :
dmarc-record = dmarc-version *(dmarc-sep dmarc-tag) [ dmarc-sep ]
> dmarc-fo = "fo" *WSP "=" *WSP ( "0" / "1" / ( "d" / "s" / "d:s" /
"s:d" ) )
What about domain owner that have a value that is not listed there ? ex:
"1:d" or even "1:d:s" ? (4.59% of explicit fo tags, from my measurements)
Do you also want to talk about ABNF for aggregate report in
https://datatracker.ietf.org/doc/draft-ietf-dmarc-aggregate-reporting/ ?
(or RFC7489) ?
From the passive measurements that i did for dmarc aggregate report (48
monitored domains ,7135 aggregate report from 206 different reporting
orgĀ ) : only 4 organization strictly follow the formal definition for
the name of the subject, the attachment or the rapport itself.
Best regards,
Olivier Hureau
_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc