trusteddomainproject / OpenDMARC

This is the Trusted Domain Project's implementation of the DMARC protocol library and mail filter, called OpenDMARC. A "milter" connects to Unix-based mailers (originally sendmail, but now many) and provides a standard filtering API.

<policy_published><domain> in aggregate reports uses report domain rather than policy published domain #199

Open jikamens opened 2 years ago

jikamens commented 2 years ago

From https://sourceforge.net/p/opendmarc/tickets/207/:

When sending aggregate reports, the domain used inside should be (per RFC 7490) "The domain at which the DMARC record was found.". The report always uses the from_domain. However, the DMARC record might be found at a parent domain.

The correct domain, I assume, is supposed to be recorded through the "policy_domain" field in the "messages" table. The opendmarc-import script doesn't set that field, and opendmarc-reports just uses the "domain" field in the "requests" table, which is set to the "from" domain. Here's a patch to 1.3.2 that resolves this issue.

There's a patch in the Sourceforge ticket. The first half of the patch was already applied in another commit, but the second half of the patch, to fix opendmarc-reports.in to actually use the correct domain, was never applied. Please fix this.

Note that this problem is being actively discussed on the dmarc-discuss@dmarc.org list with OpenDMARC specifically called out as an aggregate report generator that is doing this wrong.
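
The distinction the issue describes, as an added example that is not OpenDMARC code or the SourceForge patch: DMARC policy discovery queries the From domain first and falls back to the organizational domain, and `<policy_published><domain>` should carry whichever domain actually held the record, while the From domain stays in each row. The DNS table, the two-label organizational-domain shortcut and all function names are assumptions made for this sketch.

```python
from collections import Counter

# Constructed TXT data standing in for DNS (assumption, so the example runs offline).
DNS_TXT = {
    "_dmarc.example.com": "v=DMARC1; p=reject; rua=mailto:agg@example.com",
    "_dmarc.news.example.org": "v=DMARC1; p=none",
    "_dmarc.example.org": "v=DMARC1; p=quarantine",
}

def organizational_domain(domain):
    # Hypothetical simplification: last two labels. Real code consults the Public Suffix List.
    return ".".join(domain.split(".")[-2:])

def parse_tags(record):
    # "v=DMARC1; p=reject" -> {"v": "DMARC1", "p": "reject"}
    pairs = (item.split("=", 1) for item in record.split(";") if "=" in item)
    return {k.strip(): v.strip() for k, v in pairs}

def discover_policy(from_domain, txt=DNS_TXT):
    """Return (domain_where_record_was_found, tags), or (None, None) if no record exists."""
    from_domain = from_domain.lower().rstrip(".")
    for candidate in dict.fromkeys([from_domain, organizational_domain(from_domain)]):
        tags = parse_tags(txt.get("_dmarc." + candidate, ""))
        if tags.get("v") == "DMARC1":
            return candidate, tags
    return None, None

def build_reports(header_from_domains, txt=DNS_TXT):
    """Group message counts under the domain whose record applied; header_from stays per row."""
    reports = {}
    for header_from, count in Counter(d.lower() for d in header_from_domains).items():
        policy_domain, tags = discover_policy(header_from, txt)
        if policy_domain is None:
            continue  # no DMARC record at either name: nothing to report
        report = reports.setdefault(policy_domain, {
            "policy_published": {"domain": policy_domain, "p": tags.get("p")},
            "records": [],
        })
        report["records"].append({"header_from": header_from, "count": count})
    return reports

if __name__ == "__main__":
    sample = ["mail.example.com", "mail.example.com", "billing.example.com",
              "news.example.org", "shop.example.org", "nodmarc.test"]
    for domain, report in build_reports(sample).items():
        print(domain, report)
```

A generator with the bug described here would put `mail.example.com` in `<policy_published><domain>`; in this sketch that name appears only as a row's `header_from`.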

thegushi commented 2 years ago

Source forge is a complicated thing but I’ll see if I can go find that ticket and merge the rest of it into our develop branch in the next day or so.

-Dan

On Dec 20, 2021, at 09:10, Jonathan Kamens @.***> wrote:
