On Thu, Mar 21, 2024 at 5:55 AM Alessandro Vesely <ves...@tana.it> wrote:
> On Wed 20/Mar/2024 23:11:20 +0100 Matthäus Wander wrote: > > Alessandro Vesely wrote on 2024-03-20 15:42: > >> what is the result of DMARC on having, say > >> > >> dkim=pass (testing key) > >> or > >> dkim=policy (512 byte key) > >> > >> is that akin to SPF neutral, i.e. dmarc=fail? > > > > dkim=pass results in dmarc=pass (if the domain is aligned). The comment > in > > brackets is for human eyes and does not change the DMARC result. > > > For t=y, DKIM says: > > y This domain is testing DKIM. Verifiers MUST NOT treat messages > from Signers in testing mode differently from unsigned email, > even should the signature fail to verify. Verifiers MAY wish > to track testing mode results to assist the Signer. > > So reporting dkim=pass for testing keys seems to be a violation. > > > > dkim=policy is like spf=neutral, i.e. dmarc=fail. > > > Agreed. Should that be mentioned in DMARCbis? > > I don't believe there's any need to discuss this topic in DMARCbis. DMARCbis, in section 4.1, DMARC Basics, says: =============================================================== A message satisfies the DMARC checks if at least one of the supported authentication mechanisms:¶ <#section-4.1-3> 1. produces a "pass" result, and <#section-4.1-4.1.1> 2. produces that result based on an identifier that is in alignment, as described in Section 4.4 <#identifier-alignment-explained>. =============================================================== If there's anything to say about reporting a DKIM pass result for DKIM signatures where t=y exists and its possible ramifications for DMARC, then I believe that's something for an update RFC 6376 to address. -- Todd Herr | Technical Director, Standards & Ecosystem Email: todd.h...@valimail.com Phone: 703-220-4153 This email and all data transmitted with it contains confidential and/or proprietary information intended solely for the use of individual(s) authorized to receive it. If you are not an intended and authorized recipient you are hereby notified of any use, disclosure, copying or distribution of the information included in this transmission is prohibited and may be unlawful. Please immediately notify the sender by replying to this email and then delete it from your system.
_______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
