Changes
- Rename DMARCbis references to RFC 9989
- In compliance with RFC 9989, treat a DMARC
ptag asp=none, instead of requiring it- Instead, a warning is raised that older versions of DMARC require it
- DMARC: the
pct,rf, andritags are removed in RFC 9989. They are no
longer implicitly added to parsed results, are no longer strictly validated
(invalid values that previously raised now just warn), and explicit use
emits a "removed in RFC 9989" warning. Pre-9989 readers may still honor
them, so the value is left intact for those consumers. - DMARC: unknown tags are now ignored with a warning instead of raising
InvalidDMARCTag, per RFC 9989 ("Unknown tags MUST be ignored"). - DMARC: the order constraint that
pmust immediately followvis now a
warning rather than a hard syntax error. RFC 9989 permits any tag ordering
afterv; older RFC 7489 readers may still expectpsecond. - DMARC: the
!sizesuffix onrua/rufURIs is now flagged as obsolete
syntax (RFC 9989 says reporters MUST ignore it). The warning still fires
because pre-9989 readers may still honor it. - DMARC: the RFC 9989 tree walk now continues all the way to single-label
parents (TLDs). PSD operators publish their policy at e.g._dmarc.gov
withpsd=y, and the previous "don't query TLDs" short-circuit prevented
PSD discovery (the main reason RFC 9989 added the tree walk). - DMARC: during the tree walk, parent queries no longer trigger the
apex-fallback "wrong-location" check. A strayv=DMARC1at a parent
domain's apex used to spuriously abort the walk with
DMARCRecordInWrongLocation; that check is now only applied to the
originally requested name.