antispamcloud.com (SpamExperts) forensics reports format

• Previous message (by thread): Any Wave Business clue on the list?
• Next message (by thread): antispamcloud.com (SpamExperts) forensics reports format
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hello,

We are parsing dmarc reports using parsedmarc and the forensics reports coming from antispamcloud.com seems not to follow the recommended reporting format (AFRF) and therefore are considered invalid.

Maybe is there anyone from SpamExperts in this list that could enlighten me about how we could request to receive the reports in a common format?

If I understand correctly that should be the case by default:

https://tools.ietf.org/html/rfc7489#section-7.3
When a Domain Owner requests failure reports for the purpose of
forensic analysis, and the Mail Receiver is willing to provide such
reports, the Mail Receiver generates and sends a message using the
format described in [AFRF]; this document updates that reporting
format, as described in Section 7.3.1.

https://tools.ietf.org/html/rfc7489#section-6.3
rf:  Format to be used for message-specific failure reports (colon-
      separated plain-text list of values; OPTIONAL; default is "afrf").
      The value of this tag is a list of one or more report formats as
      requested by the Domain Owner to be used when a message fails both
      [SPF] and [DKIM] tests to report details of the individual
      failure.  The values MUST be present in the registry of reporting
      formats defined in Section 11; a Mail Receiver observing a
      different value SHOULD ignore it or MAY ignore the entire DMARC
      record.  For this version, only "afrf" (the auth-failure report
      type defined in [AFRF]) is presently supported.  See Section 7.3
      for details.  For interoperability, the Authentication Failure
      Reporting Format (AFRF) MUST be supported.


Instead we receive it with this format:

A message claiming to be from you has failed the published DMARC
policy for your domain.

  Sender Domain: xyz.ch
  Sender IP Address: x.x.x.x
  Received Date: Fri, 04 Sep 2020 16:37:40 +0200
  SPF Alignment: no
  DKIM Alignment: no
  DMARC Results: None, Accept

------ This is a copy of the headers that were received before the error
       was detected.


[then all headers of the offending message here that I removed for this post]


Thanks a lot for your infos and help.

Kind regards,

Sébastien RICCIO
SYSTEM ADMINISTRATOR
P  +41 840 888 888
F  +41 840 888 000
M sriccio at swisscenter.com<mailto:sriccio at swisscenter.com>




-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20200909/b0d575af/attachment.html>

• Previous message (by thread): Any Wave Business clue on the list?
• Next message (by thread): antispamcloud.com (SpamExperts) forensics reports format
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]