I have been looking at Forensic Report generation and I note that the specification points to a number of different sources:
- rfc7489 DMARC points to rfc6591 AFRF, plus DMARC additions in section 7.3.1 - 6591 specifies additions to the Abuse Reporting Format, rfc5965. - rfc5965 ARF lightly references rfc3462, the Multipart/Report content type. I am teasing this out to generate actual reports. Re-ordering the evolving spec elements gives: - rfc3462 Multipart/Report - modified by rfc5965 Abuse Reporting Format - modified by rfc6591 Authentication Failure Reporting Format using ARF - with the addition of rfc6651 AFRF-DKIM - and rfc6652 AFRF-SPF - modified by rfc7489 DMARC, section 7.3.1. Is there an updated and clarified public spec somewhere, along similar lines? Would it be useful to create such a spec, and possibly include it as an appendix to any future update to rfc7489? I am willing to pull this together if this would be a useful contribution. Stephen Nightingale, NIST _______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc