DMARC policy lookup violates RFC 7849.
Bug #1931029 reported by Mark Sapiro
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
GNU Mailman | Fix Released | Low | Unassigned |
Bug Description
If DNS lookup of TXT records for a domain finds more than one v=DMARC1; record, it checks them all for policy = reject or quarantine.
RFC 7849, Sec 6.6.3 item 5 says
> 5. If the remaining set contains multiple records or no records,
>    policy discovery terminates and DMARC processing is not applied
>    to this message.
Thus, if we find multiple records we should assume no DMARC policy for this domain.
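The difference between the behaviour reported above and the item 5 rule it quotes, as an added Python example (not Mailman's code and not part of the original report). The function names and the sample TXT answers for a hypothetical `_dmarc.example.com` lookup are constructed for illustration, and records are assumed to arrive as already-joined strings.

```python
import re

# The version tag must be the first tag in the record for it to count as DMARC.
_VERSION = re.compile(r"^v\s*=\s*DMARC1\s*(;|$)")


def parse_tags(record):
    """Split 'v=DMARC1; p=reject; pct=100' into a dict keyed by lowercased tag."""
    tags = {}
    for part in record.split(";"):
        name, sep, value = part.partition("=")
        if sep:
            tags[name.strip().lower()] = value.strip()
    return tags


def policy_any_record(txt_records):
    """Behaviour described in the report: every v=DMARC1 record is checked."""
    for rec in txt_records:
        if _VERSION.match(rec.strip()):
            p = parse_tags(rec).get("p", "").lower()
            if p in ("reject", "quarantine"):
                return p
    return None


def policy_single_record(txt_records):
    """Item 5: anything other than exactly one DMARC record means no policy."""
    dmarc = [r.strip() for r in txt_records if _VERSION.match(r.strip())]
    if len(dmarc) != 1:
        return None
    p = parse_tags(dmarc[0]).get("p", "").lower()
    return p if p in ("reject", "quarantine") else None


# Constructed TXT answers (sample data, not taken from a real domain).
DUPLICATE = ["v=DMARC1; p=none; rua=mailto:a@example.com", "v=DMARC1; p=reject"]
SINGLE = ["v=spf1 -all", "v=DMARC1; p=quarantine; pct=100"]

if __name__ == "__main__":
    for name, answer in (("duplicate", DUPLICATE), ("single", SINGLE)):
        print(name, policy_any_record(answer), policy_single_record(answer))
```

With the duplicate answer, the first function reports `reject` while the second reports no policy; non-DMARC TXT records at the same name do not count toward the total.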
Changed in mailman:
status: Triaged → Fix Committed
Changed in mailman:
status: Fix Committed → Fix Released
Here are the 5 items: https://datatracker.ietf.org/doc/html/rfc7489#section-6.6.3
If item 2 matches multiple v=DMARC1 records, and therefore item 3 is ignored, does item 5 even apply?