On Thu, Mar 7, 2024 at 5:08 AM Alessandro Vesely <[email protected]> wrote:
> On 06/03/2024 21:00, Todd Herr wrote: > > > > Section 4.7, DMARC Policy Discovery, starts with the following sentence: > > > > For policy discovery, a DNS Tree Walk starts at the domain found in > > the RFC5322.From header of the message being evaluated. > > > > I think the above is muddy, [...] > > > > When it comes to policy discovery, if the RFC5322.From domain has a > > published policy record, it's the policy regardless of the value of the > > 'psd' tag, is it not? Step 2 of the Tree Walk would seem to indicate > > that if such a record didn't have psd=n then the Tree Walk would > > continue for policy discovery. > > > > I believe that the first sentence in Section 4.7 should be replaced as > > follows: > > > > For policy discovery, first query for a DMARC policy record at the > > name created by prepending the label "_dmarc" to the RFC5322.From > > domain. If no valid DMARC policy record is found there, then perform > > a DNS Tree Walk starting with the parent domain of the RFC5322.From > > domain. > > > That's not exact. If the From: domain has more than 5 labels you don't > start with its parent domain. > > My take: > > Policy discovery starts by querying the DMARC record for the > RFC5322.From domain, as in step 1 of the DNS Tree Walk. If a record > is found there, that's the policy record, otherwise continue the > DNS Tree Walk . > > You are of course correct, Ale; thank you for spotting my error. -- *Todd Herr * | Technical Director, Standards & Ecosystem *e:* [email protected] *p:* 703-220-4153 *m:* 703.220.4153 This email and all data transmitted with it contains confidential and/or proprietary information intended solely for the use of individual(s) authorized to receive it. If you are not an intended and authorized recipient you are hereby notified of any use, disclosure, copying or distribution of the information included in this transmission is prohibited and may be unlawful. Please immediately notify the sender by replying to this email and then delete it from your system.
_______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
