I opened a GitHub issue
(https://github.com/ietf-wg-dmarc/draft-ietf-dmarc-failure-reporting/issues/6)
for the text in this section and am proposing the following change.
This brings the language inline with what appears in
aggregate-reporting, and fleshes out the reason for the requirement.
Current text:
|If the target domain of a mailto address of a ruf= tag is not the same
as the DMARC record domain where the tag was found, the report generator
MUST verify that the target domain acknowledges sending those reports;
the procedure is described in Section 3 of
[I-D.ietf-dmarc-aggregate-reporting]. |
Proposed text:
|It is possible to specify destinations for failure reports that are
outside of the domain requesting the reports. These destinations are
commonly referred to as "external destinations" and may represent a
different domain controlled by the same organization, a contracted
report processing service, or some other arrangement. Without this
check, a bad actor could publish a DMARC policy record that requests
that failure reports be sent to an external destination, then
deliberately send messages that will generate failure reports as a form
of abuse. Or, a domain owner could incorrectly publish a DMARC policy
with an external destination for failure reports, forcing the external
destination to deal with unwanted messages and potential privacy issues.
Therefore a Mail Receiver who generates failure reports MUST use the
Verifying External Destinations procedure described in Section 3 of
[I-D.ietf-dmarc-aggregate-reporting], substituting the "ruf=" tag where
the "rua=" tag appears in that procedure.`|
_______________________________________________
dmarc mailing list -- [email protected]
To unsubscribe send an email to [email protected]
