On Wednesday, June 22, 2022 6:06:30 AM EDT Alessandro Vesely wrote: > These were already there in older versions, I only saw them no. > > Section 4.6, DNS Tree Walk > > The relevant DMARC record for these purposes is not necessarily the > DMARC policy record found in DNS at the same level as the name label > for the domain in question. Instead, some domains will inherit their > DMARC policy records from parent domains one level or more above them > in the DNS hierarchy. Similarly, the Organizational Domain may be > found at a higher level in the DNS hierarchy. > > That text can be misleading. The second line really means that the DMARC > policy record was NOT found in DNS at the same level. In no case a policy > defined at the same level can be overridden.
I agree. How about changing "Instead, some domains will inherit their DMARC policy records from parent domains one level or more above them in the DNS hierarchy" to "Instead, domains which have a DMARC record will use that as the DMARC policy record even in cases where the Organizational Domain is a parent domains one level or more above them in the DNS hierarchy"? There's no case where there's a policy for a domain, that's the org domain and then a higher level domain in the tree is used for policy. I think this more correctly describes the distinction. > Section 4.7, DMARC Policy Discovery > > OLD > The DMARC policy to be applied to the message will be the > record found at one of these three locations: > > NEW > The DMARC policy to be applied to the message will be IN the > record found at one of these three locations: I agree this is more correct. > Later on: > > If a retrieved policy record does not contain a valid "p" tag, or > contains an "sp" tag that is not valid, then: > > What about "np"? The np= tag should have been included. That was probably copied from RFC 7489 and not correctly updated. It needs something about 'np=' tag if the domain does not exist added. Scott K _______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
