On Tue 10/Dec/2024 18:04:33 +0100 Daniel K. wrote:
Pedanticness:high

rua/ruf is required to support mailto: URIs

   A Mail Receiver MUST implement support for a "mailto:"; URI,
   but any URI can be specified.

Per RFC 3986 "mailto:repo...@example.com"; does not have an authority
component, just a scheme and a path. The wording is therefore slightly
inaccurate even though I think anyone will understand the meaning.

I suggest a slight rewording.

From Verifying external destinations:

    When a Mail Receiver discovers a DMARC policy in the DNS,
    and the Organizational Domain at which that record was
    discovered is not identical to the Organizational Domain
    of the host part of the authority component of a [RFC3986]
    specified in the "rua" tag, the following verification
    steps MUST be taken:

New:

    ... Organizational Domain of the host part of the
    authority component of, or hostname extracted from
    the path of a URL specified in the "rua" tag, ...


Couldn't we just say /target domain/ rather than pretending that some other URI scheme having an authority component has to be verified?

BTW, the place were the record was discovered is not necessarily the Organizational Domain. If you find a DMARC record at the From: domain you should use that for any rua/ruf and policy determination. (If it is not the org domain, you may need to discover the latter for alignment determinations.)


Best
Ale
--





_______________________________________________
dmarc mailing list -- dmarc@ietf.org
To unsubscribe send an email to dmarc-le...@ietf.org

Reply via email to