[opendmarc-users] trouble with endutec.de

A. Schulze sca at andreasschulze.de
Mon Aug 14 04:58:36 PDT 2017


Hello,

endutec.de publish a TXT record on _dmarc.endutec.de.
It looks like DMARC record but formal it is not a valid one.

     $ dig _dmarc.endutec.de. txt +short
     "off-v=DMARC1; p=reject; pct=100; fo=1;  
rua=mailto:dmarc.rua at srv-ctrl.net; ruf=mailto:dmarc.ruf at srv-ctrl.net"


https://tools.ietf.org/html/rfc7489#section-6.3
    ...
    A DMARC policy record MUST comply with the formal specification found
    in Section 6.4 in that the "v" and "p" tags MUST be present and MUST
    appear in that order.
    ...

v=DMARC1 is not present, so the whole record MUST be ignored if my  
reading is correct.

let's see what other implementations "think":

o mail::dmarc
     $ dmarc_lookup endutec.de
     using  
/usr/share/perl5/auto/share/dist/Mail-DMARC/public_suffix_list for  
public_suffix_list
     Header From: endutec.de
     Organizational Domain: endutec.de
     no DMARC policy published for endutec.de

o https://dmarcian.com/dmarc-inspector/endutec.de
     -> No DMARC record published.

o https://www.dmarcanalyzer.com/dmarc/dmarc-record-check/
     ... enter "endutec.de"
     ... press "Validate DMARC"
     -> ... there are errors ...

o OpenDMARC
     $ opendmarc-check endutec.de
     DMARC record for endutec.de:
         Sample percentage: 100
         DKIM alignment: relaxed
         SPF alignment: relaxed
         Domain policy: reject
         Subdomain policy: unspecified
         Aggregate report URIs:
                 mailto:dmarc.rua at srv-ctrl.net
         Forensic report URIs:
                 mailto:dmarc.ruf at srv-ctrl.net

looks like OpenDMARC don't correct) check for the RFC requirement. At  
least, my version...
I'm still running 1.3.1 + my set of ~30 patches.

Is the problem above known and addressed in 1.3.2?

Andreas




More information about the opendmarc-users mailing list