"sp" will be ignored for DMARC records published on subdomains of Organizational Domains
due to the effect of the DMARC policy discovery mechanism
Therefore we want to warn users that the sp tag they have explicitly set is probably not doing what they intended. This issue was originally brought to light in NCATS JIRA ticket CYHYDEV-761.
I ran tests against several domains (including cyber.dhs.gov, which is a subdomain containing an sp tag) and verified that this code behaves as expected.
See also cisagov/trustymail_reporter#33 and jsf9k/cyhy-reports#32.
This isn't an error, but according to RFC7489,
Therefore we want to warn users that the
sp
tag they have explicitly set is probably not doing what they intended. This issue was originally brought to light in NCATS JIRA ticket CYHYDEV-761.I ran tests against several domains (including
cyber.dhs.gov
, which is a subdomain containing ansp
tag) and verified that this code behaves as expected.See also cisagov/trustymail_reporter#33 and jsf9k/cyhy-reports#32.