This is the Trusted Domain Project's impementation of the DMARC protocol libary and mail filter, called OpenDMARC. A "milter" connects to unix-based mailers (originally, sendmail, but now many) and provides a standard filtering API.
Other
98
stars
52
forks
source link
I have some question. If you don't mind, please reply my question. #216
I am implementing DMARC, and I have some troubles follows:
Our system provides selectable intervals between 1 to 48 hours reagrdless of ri.
so the interval(The difference between start and end) can be 3,600 to 172,800 and in reports, date_range is like this:
Is it correct date_range? and the contents should be included that range, not [end-86400]?
for example, if ri=3600, the contents should be included 1650243662(2022-04-18 10:01:02) and 1650247262(2022-04-18 11:01:02),
not 1650160862(2022-04-17 11:01:02) and 1650247262(2022-04-18 11:01:02)?
if the period is 1 hour, should the content of report is between now and 1 hour ago? or between now and 1 day ago?
In the other words, if the period is 36 hours, should the content of report is between now and 36 hours ago? or between now and 1 day ago?
In our report, the content seems it doesn't matter about period. 1 day fixed.
Our system generates dkim_status with dkim_result_code.
here is the code which get dkim status.
static int __get_dkim_status(int dkim_result_code) {
switch(dkim_result_code) {
case 0: // None
return DMARC_POLICY_DKIM_OUTCOME_NONE;
case 1: // Pass
return DMARC_POLICY_DKIM_OUTCOME_PASS;
case 2: // Fail
return DMARC_POLICY_DKIM_OUTCOME_FAIL;
default:
return DMARC_POLICY_DKIM_OUTCOME_NONE;
}
}
dkim_result_code may have 3 or more, but dmarc.h doesn't define dkim's permerror,nxdomain or so on..?
sorry for few information.
In opendmarc-reports, it defines dkim result as follows:
switch ($dkimresult)
{
case 0 { $dkimresultstr = "pass"; }
case 2 { $dkimresultstr = "softfail"; }
case 3 { $dkimresultstr = "neutral"; }
case 4 { $dkimresultstr = "temperror"; }
case 5 { $dkimresultstr = "permerror"; }
case 6 { $dkimresultstr = "none"; }
case 7 { $dkimresultstr = "fail"; }
case 8 { $dkimresultstr = "policy"; }
case 9 { $dkimresultstr = "nxdomain"; }
case 10 { $dkimresultstr = "signed"; }
case 12 { $dkimresultstr = "discard"; }
else { $dkimresultstr = "unknown"; }
}
and our result is 0(none)/1(pass)/2(fail)、so the dkimresultstr differs what we assumed.
should we correct opendmarc-reports? or our system's result?
example of correcting opendmarc-reports : case 0 → fail、 case 1 → pass、 case 2 → none
example of correcting our system : case 0 → return 6, case 1 → return 0, case 2 → return 7
In opendmarc-reports, the count seems fixed 1, but real rua report, the count can be more than 1.
What is correct, and how can I change the count?
I am implementing DMARC, and I have some troubles follows:
Our system provides selectable intervals between 1 to 48 hours reagrdless of ri. so the interval(The difference between start and end) can be 3,600 to 172,800 and in reports, date_range is like this:
Is it correct date_range? and the contents should be included that range, not [end-86400]? for example, if ri=3600, the contents should be included 1650243662(2022-04-18 10:01:02) and 1650247262(2022-04-18 11:01:02), not 1650160862(2022-04-17 11:01:02) and 1650247262(2022-04-18 11:01:02)?
if the period is 1 hour, should the content of report is between now and 1 hour ago? or between now and 1 day ago? In the other words, if the period is 36 hours, should the content of report is between now and 36 hours ago? or between now and 1 day ago? In our report, the content seems it doesn't matter about period. 1 day fixed.
Our system generates dkim_status with dkim_result_code.
here is the code which get dkim status.
and in opendmarc, dmarc.h defines follows:
dkim_result_code may have 3 or more, but dmarc.h doesn't define dkim's permerror,nxdomain or so on..? sorry for few information.
In opendmarc-reports, it defines dkim result as follows:
and our result is 0(none)/1(pass)/2(fail)、so the dkimresultstr differs what we assumed. should we correct opendmarc-reports? or our system's result? example of correcting opendmarc-reports : case 0 → fail、 case 1 → pass、 case 2 → none example of correcting our system : case 0 → return 6, case 1 → return 0, case 2 → return 7
In opendmarc-reports, the count seems fixed 1, but real rua report, the count can be more than 1. What is correct, and how can I change the count?
in source code:
sample of other rua report 1:
sample of other rua report 2:
I apology lack of explanation. and I hope you can answer my question.