On Tue 10/Dec/2024 18:04:33 +0100 Daniel K. wrote:
Pedanticness:high
rua/ruf is required to support mailto: URIs
A Mail Receiver MUST implement support for a "mailto:" URI,
but any URI can be specified.
Per RFC 3986 "mailto:repo...@example.com" does not have an authority
component, just a scheme and a path. The wording is therefore slightly
inaccurate even though I think anyone will understand the meaning.
I suggest a slight rewording.
From Verifying external destinations:
When a Mail Receiver discovers a DMARC policy in the DNS,
and the Organizational Domain at which that record was
discovered is not identical to the Organizational Domain
of the host part of the authority component of a [RFC3986]
specified in the "rua" tag, the following verification
steps MUST be taken:
New:
... Organizational Domain of the host part of the
authority component of, or hostname extracted from
the path of a URL specified in the "rua" tag, ...
Couldn't we just say /target domain/ rather than pretending that some other URI
scheme having an authority component has to be verified?
BTW, the place were the record was discovered is not necessarily the
Organizational Domain. If you find a DMARC record at the From: domain you
should use that for any rua/ruf and policy determination. (If it is not the
org domain, you may need to discover the latter for alignment determinations.)
Best
Ale
--
_______________________________________________
dmarc mailing list -- dmarc@ietf.org
To unsubscribe send an email to dmarc-le...@ietf.org