[dmarc-ietf] Trac #117

Brotman, Alex Sat, 14 Aug 2021 07:11:15 -0700

Folks,

A ticket was opened to add a "human_result" to the SPF results in the report.  
As DKIM has similar, I don't necessarily see an issue here.  It seems like this 
could be useful to those attempting to resolve issues relating to failing SPF 
results. The ticket illustrates a few examples:


----------------------------------------------
Justification:
A free text string <human_result> allows to add a meaningful error message in 
case when the SPF result is permerror or temperror.
This can be used as signaling mechanism, especially when the error is not 
obvious or does not occur with every mail receiver (subject to how strict they 
interpret the SPF spec and how they handle minor errors).

Here are a couple of real-world examples (anonymized) during SPF checks that 
have been all subsumed as permerror:

    "example.net: Maximum DNS-interactive terms limit (10) exceeded"
    "example.net ... example.com: Maximum DNS-interactive terms limit (10) 
exceeded"
    "example.net: Redundant applicable 'v=spf1' sender policies found"
    "example.net: Included domain 'example.com' has no applicable sender policy"
    "mail.example.net: Junk encountered in record 'v=spf1 a mx ip4:192.0.2.1 
ip4:192.0.2.51 ~all|'"
    "example.net: Junk encountered in record 'v=spf1 ip4:192.0.2.1 
ip4:192.0.2.51 include:_spf.example.com <http://spf.example.com> ~all'"
    "example.net: Missing required domain-spec in 'Include:'"

Note that there are different interpretations of how to count the number of DNS 
lookups:
<https://www.mail-archive.com/dmarc-discuss@dmarc.org/msg03268.html>

Examples for temperror:

    "example.net: 'SERVFAIL' error on DNS 'TXT' lookup of 'example.net'"
    "email.example.net: 'SERVFAIL' error on DNS 'TXT' lookup of 
'email.example.net'"
    "example.net: 'SERVFAIL' error on DNS 'PTR' lookup of 
'1.2.0.192.in-addr.arpa'"

The name <human_result> has been chosen, because it already exists for the 
<dkim> section.
-------------------------------------




https://trac.ietf.org/trac/dmarc/ticket/117



--
Alex Brotman
Sr. Engineer, Anti-Abuse & Messaging Policy
Comcast

_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc

[dmarc-ietf] Trac #117

Reply via email to