[opendmarc-dev] forensic reports

Andreas Schulze sca at andreasschulze.de
Tue Jul 30 15:34:29 PDT 2013 

Zitat von Andreas Schulze <sca at andreasschulze.de>:

Hi,

there is still to much silence on opendmarc-dev :-(

I like to focus on  failure reports (forensic reports) again.
The current code can generete them but as opendmarc does not capture  
the body at all
there is only a limited information available.

To implement full body failure reporting opendmarc must capture the body.
That sounds very memory expensive. Capturing the body should only be done
it there is clearly a need for. That point it reached after _end of  
header_ in my opinion.

But the evaluation of the dmarc result is currently done in _end of  
message_, thats far later.

To enable full body failure reporting in opendmarc the decision about  
the dmarc result should be
evaluated in _end of header_ to
  - skip capturing the body if it's not needed.
  - capture only if dmarc != pass && ruf != NULL

Am I wrong with my thoughts?

If no:
As Murray is very busy, are there other programers out there beeing  
able to contribute code?

Thanks
Andreas

> Franck also suggested to collect as much as possible informations.
> http://tools.ietf.org/html/rfc6591#section-3.1 allow to include  
> headers only or
> the complete message attached to a forensic report.
> Opendmarc send only headers (opendmarc.c, ~line 2516)
>
> Q: may a domainowner specify the forensic report should be header  
> only or full body?
>
> Anyway, opendmarc should generate forensic reports containing full  
> message to a local receiver.
>
> Also I suggest a lookuptable to whitelist/limit the amound of  
> forensic reports sent to remote.
> I have concerns about the volume of forensic reports I have to sent!
> I like to specify: send forensic reports only for domain a and b but  
> no other.
>
> @Franck: I hope, I understood you correct and explain my thoughts well ...
>
> Andreas
> _______________________________________________
> opendmarc-dev mailing list
> opendmarc-dev at trusteddomain.org
> http://www.trusteddomain.org/mailman/listinfo/opendmarc-dev

More information about the opendmarc-dev mailing list