On 1/19/21 06:02, Todd Herr wrote: > Picking up the thread on a ticket that was brought before the group > pre-holidays and has lain fallow since the end of 2020...
Prompted me to read from the start of the thread through: On 1/20/21 11:19, John R Levine wrote: > On Wed, 20 Jan 2021, Alessandro Vesely wrote: >> John's record looks more workable, but it's still fluffy: >> >> "v=DMARC1; p=none; rf=afrf; >> rua=mailto:dmar...@abuse.net,https://dmreport.abuse.net/dmreport/; >> ruf=mailto:dmar...@abuse.net" > > Whaddaya mean fluffy? Try a PUT or POST to that URI and it'll work. I think we should specify HTTPS URIs, and following 7489 section 12.6 "Secure Protocols" and current practices, HTTP should not be specified/permitted. However I don't yet see a compelling case for the OR- syntax or a separate "ruap" tag. Duplicate reports to the same destination are not the base case, and the bandwidth for unintended duplicates will likely be much smaller than, say, per-message DNS tree walks being discussed elsewhere. Report processors annoyed by receiving duplicates can work with the domain owners in question, and if that doesn't work they can withdraw their report authorization record. --S. _______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc