RFC Errata
RFC 7489, "Domain-based Message Authentication, Reporting, and Conformance (DMARC)", March 2015
Note: This RFC has been updated by RFC 8553, RFC 8616
Source of RFC: INDEPENDENT
Errata ID: 5774
Status: Held for Document Update
Type: Editorial
Publication Format(s) : TEXT
Reported By: Freddie Leeman
Date Reported: 2019-07-03
Held for Document Update by: Adrian Farrel
Date Held: 2021-06-01
Section Appendix C says:
<!-- The DMARC disposition applying to matching messages. --> <xs:element name="policy_evaluated" type="PolicyEvaluatedType" minOccurs="1"/> <!-- The RFC5321.MailFrom domain. --> <xs:element name="envelope_from" type="xs:string" minOccurs="1"/> <!-- The RFC5322.From domain. --> <xs:element name="header_from" type="xs:string" minOccurs="1"/> <!-- The "d=" parameter in the signature. --> <xs:element name="domain" type="xs:string" minOccurs="1"/> <!-- The DKIM verification result. --> <xs:element name="result" type="DKIMResultType" minOccurs="1"/> <!-- The checked domain. --> <xs:element name="domain" type="xs:string" minOccurs="1"/> <!-- The scope of the checked domain. --> <xs:element name="scope" type="SPFDomainScope" minOccurs="1"/> <!-- The SPF verification result. --> <xs:element name="result" type="SPFResultType" minOccurs="1"/> <!-- There will always be at least one SPF result. --> <xs:element name="spf" type="SPFAuthResultType" minOccurs="1" maxOccurs="unbounded"/>
It should say:
<!-- The DMARC disposition applying to matching messages. --> <xs:element name="policy_evaluated" type="PolicyEvaluatedType"/> <!-- The RFC5321.MailFrom domain. --> <xs:element name="envelope_from" type="xs:string"/> <!-- The RFC5322.From domain. --> <xs:element name="header_from" type="xs:string"/> <!-- The "d=" parameter in the signature. --> <xs:element name="domain" type="xs:string"/> <!-- The DKIM verification result. --> <xs:element name="result" type="DKIMResultType"/> <!-- The checked domain. --> <xs:element name="domain" type="xs:string"/> <!-- The scope of the checked domain. --> <xs:element name="scope" type="SPFDomainScope"/> <!-- The SPF verification result. --> <xs:element name="result" type="SPFResultType"/> <!-- There will always be at least one SPF result. --> <xs:element name="spf" type="SPFAuthResultType" maxOccurs="unbounded"/>
Notes:
Removed all minOccurs="1" from the DMARC XML Schema since the NOTE at the beginning of the appendix already states that 'unless otherwise specified, the minOccurs and maxOccurs values for each element are set to 1'. These (9) unnecessary specifications of minOccurs can cause confusion and lead to incorrect implementations.
While this report is technically correct, it is hard to see that the text as currently present is harmful or confusing. This is left for an update if/when the document is revised.