In article <609e1c9b-cc4d-d7d1-0fa8-79f515c1e...@tana.it> you write: > It has been asked for a new report type (perhaps a subset of failure > reports) that provides minimal data from the email (specifically, the > initial ask is for the to: and from: email addresses only) in order to aid > identification of the email's destination (and hence, the owner who can > help with getting it authenticated) without providing other PII.
As always, I would want to see some evidence of an actual problem to be solved here. In the existing format, reporters can and do redact as much as they want. Why isn't that sufficient? Looking at the actual forensic reports I get, the majority are from antispamcloud.com which gloms some report info and the failed message's headers into a text body, ignoring the spec that says it's supposed to be multipart/report. I presume if we changed the spec they still wouldn't follow it, so why bother. The rest of the reports are multipart/report, some with the whole message, some with just the headers. I think that if a reporter isn't willing to provide the headers it's unlikely to provide anything. If we have a concrete reason to believe that there are people who would send these proposed super-redacted failure reports who do not send reports now, I might consider this. Otherwise, it's not a problem and close the ticket. R's, John _______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
