[opendmarc-dev] [opendmarc-announce] OpenDMARC 1.3.2 Beta cycle
Juri Haberland
juri at sapienti-sat.org
Wed Jul 20 04:19:46 PDT 2016
On 20.07.2016 07:19, Scott Kitterman wrote:
> I checked against which patches I'd pulled from the issue tracker for the
> Debian package and there are three I have that you haven't included that I
> think would be worth considering:
>
> https://sourceforge.net/p/opendmarc/tickets/153/
I think this one ("duplicate dkim auth_result sections") is invalid. In my
reading of the RFC it is valid to include multiple dkim auth_result
sections, if there are multiple Authentication-Result: dkim headers/DKIM
signatures.
See also the discussion on the dmarc-discuss ML, e.g.
http://lists.dmarc.org/pipermail/dmarc-discuss/2016-July/003549.html
The main point is that the RFC is not clear what to report:
all DKIM results, only the one used for the decission or any other
combination - everything would be valid.
Me personally, I like to report all DKIM results found in the mail, because
if you report only one - and you have multiple DKIM results, but none
matches DMARC-wise, which result do you report in this case?
Juri
More information about the opendmarc-dev
mailing list