Colleagues,

Murray's post on RFC 7489 errata got me thinking that some language
associated with the Tree Walk could stand a bit more clarity.

Section 4.7, DMARC Policy Discovery, starts with the following sentence:

For policy discovery, a DNS Tree Walk starts at the domain found in the
RFC5322.From header of the message being evaluated.

I think the above is muddy, especially given that step 2 of the Tree Walk
reads:

Records that do not start with a "v=" tag that identifies the current
version of DMARC are discarded. If multiple DMARC records are returned,
they are all discarded. If a single record remains and it contains a
"psd=n" tag, stop


When it comes to policy discovery, if the RFC5322.From domain has a
published policy record, it's the policy regardless of the value of the
'psd' tag, is it not? Step 2 of the Tree Walk would seem to indicate that
if such a record didn't have psd=n then the Tree Walk would continue for
policy discovery.

I believe that the first sentence in Section 4.7 should be replaced as
follows:

For policy discovery, first query for a DMARC policy record at the name
created by prepending the label "_dmarc" to the RFC5322.From domain. If no
valid DMARC policy record is found there, then perform a DNS Tree Walk
starting with the parent domain of the RFC5322.From domain.


I think Section 4.8 is okay, because a Tree Walk will always have to be
performed for Organizational Domain Discovery, but for Policy Discovery,
the Tree Walk is only necessary if there's no policy published specifically
for the RFC5322.From domain.

I've created Issue #128 for this.


-- 

*Todd Herr* | Technical Director, Standards & Ecosystem
*e:* [email protected]
*p:* 703-220-4153
*m:* 703.220.4153

_______________________________________________
dmarc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dmarc
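
The two readings discussed in the message above, as an added Python example that is not part of the original post or of the draft: a literal reading of step 2, where only "psd=n" stops the walk, beside the proposed wording, where a record at the RFC5322.From domain is the policy. The zone contents and function names are constructed, and the fallback walk is simplified by assumption to return the first valid record found up to the top-level label.

```python
# Constructed sample zone: query name -> TXT strings (not real DNS data).
ZONE = {
    "_dmarc.mail.example.com": ["v=DMARC1; p=reject"],
    "_dmarc.example.com": ["v=DMARC1; p=none; psd=n"],
    "_dmarc.dup.example.com": ["v=DMARC1; p=reject", "v=DMARC1; p=none"],
}

def valid_record(name, zone=ZONE):
    """Step 2 filter: drop records that do not start with the version tag;
    if more than one DMARC record remains, discard them all."""
    found = [r for r in zone.get(name, [])
             if r.split(";")[0].replace(" ", "") == "v=DMARC1"]
    return found[0] if len(found) == 1 else None

def has_psd_n(record):
    return any(t.replace(" ", "").lower() == "psd=n" for t in record.split(";"))

def ancestors(domain):
    """The domain itself, then each parent, one label at a time."""
    labels = domain.lower().rstrip(".").split(".")
    return [".".join(labels[i:]) for i in range(len(labels))]

def literal_walk_queries(from_domain, zone=ZONE):
    """Literal reading of step 2: the only stop condition is psd=n, so a
    policy record at the From domain does not end the walk."""
    queried = []
    for d in ancestors(from_domain):
        queried.append("_dmarc." + d)
        rec = valid_record(queried[-1], zone)
        if rec and has_psd_n(rec):
            break
    return queried

def discover_policy(from_domain, zone=ZONE):
    """Proposed wording: query _dmarc.<From domain> first; its record is the
    policy whatever its psd tag says. Only if none is valid, walk upward."""
    chain = ancestors(from_domain)
    direct = valid_record("_dmarc." + chain[0], zone)
    if direct:
        return "_dmarc." + chain[0], direct
    for d in chain[1:]:  # Tree Walk starting at the parent domain
        rec = valid_record("_dmarc." + d, zone)
        if rec:  # assumption: first valid record found is used
            return "_dmarc." + d, rec
    return None

if __name__ == "__main__":
    print(literal_walk_queries("mail.example.com"))
    print(discover_policy("mail.example.com"))
```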
