On Tue 19/Jul/2022 22:12:42 +0200 Scott Kitterman wrote:
On July 19, 2022 5:03:47 PM UTC, Alessandro Vesely <[email protected]> wrote:
On Tue 19/Jul/2022 14:32:53 +0200 Scott Kitterman wrote:
On July 19, 2022 8:33:04 AM UTC, Alessandro Vesely <[email protected]> wrote:
On Mon 18/Jul/2022 12:18:00 +0200 Scott Kitterman wrote:
On July 18, 2022 9:37:25 AM UTC, Alessandro Vesely <[email protected]> wrote:
The reason I want to change it is that a mail From: <faked@com> brings the tree
walk process to conclude that .com is an organizational domain, which is wrong.
Since com. doesn't have a DMARC record, the case is already addressed.
Ah, ok. Sorry, I didn't understand that it was a precondition. The numbered
steps look like the algorithm to determine the org domain, embedded into a
guide to message authentication.
Does the change I emailed yesterday make that more clear?
Yeah, calling it a for loop limits its extent somewhat. Its the previous
paragraph which introduces some extra generality:
To discover the Organizational Domain for a domain, perform the DNS
Tree Walk described in Section 4.6 as needed for any of the domains
in question.
Perhaps it could be omitted at this point, or reworded eliminating that /for a
domain/.
I think we need to make clear that the RFC5322.From domain, the
RFC5321.MailFrom domain, and the DKIM d= domain all have their own
organizational domain. I think we need that there to make that clear, so we
can't just delete it.
The paragraph quoted above says none of those.
Do you have a suggested change that doesn't lose that distinction?
Perhaps:
For each Tree Walk that retrieved valid DMARC records starting
from the RFC5322.From domain, the SPF-validated RFC5321.MailFrom
domain, or a DKIM-validated d= domain, select the
Organizational Domain by looping from the longest to the shortest:
?
Best
Ale
--
_______________________________________________
dmarc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dmarc
