[opendmarc-users] SPF and DKIM alignment when no policy
Davide Migliavacca
davide.migliavacca+opendmarc at gmail.com
Sat Oct 27 10:44:26 PDT 2012
Hi,
while adding tests to the Perl module I realized that the following
sequence in the opendmarc_get_policy_to_enforce() function (in
opendmarc_policy.c)
[...]
if (pctx->p == DMARC_RECORD_P_UNSPECIFIED)
return DMARC_POLICY_ABSENT;
[...]
pctx->dkim_alignment = DMARC_POLICY_DKIM_ALIGNMENT_FAIL;
pctx->spf_alignment = DMARC_POLICY_SPF_ALIGNMENT_FAIL;
/* check for DKIM alignment */
if (pctx->dkim_domain != NULL && pctx->dkim_outcome ==
DMARC_POLICY_DKIM_OUTCOME_PASS)
[rest of alignment check follows]
has the effect of not evaluating DKIM and SPF alignment when a DMARC
policy for a domain is not found (due to the earlier "return
DMARC_POLICY_ABSENT").
Further calls to, i.e. opendmarc_fetch_alignment will get invalid
results (as the alignments were not evaluated).
I understand to all practical effect it makes little sense to evaluate
alignment when a policy is not there.
However, after some reasoning I tend to believe
opendmarc_get_policy_to_enforce should perform its side effects all
the same - for consistency - and return later, since the alignment
involves SPF and DKIM, not the DMARC record.
Am I missing something here?
Kind regards,
Davide
More information about the opendmarc-users
mailing list