Post by DMARC via dmarc-discuss
I've always been a little confused with the distinctions between
the 'iodef' Incident Object Description Exchange Format or 'afrf'
Authentication Failure Reporting Formats.
Obviously, afrf has become the defacto standard, as that's all I see in
any DMARC record that I examine.
I've reviewed https://tools.ietf.org/html/rfc5070 and am no closer to
appreciating the impact of selecting one format over another.
Is this an example where one standard as been publically accepted and the
competing standards are more or less deprecated in deployment ?
My understanding is that IODEF is supported by Incident Response tools so
if you wanted your DMARC reports to feed in to one of those, you'd pick it.
I haven't encountered this use-case yet with a deployment so this is just
Ken O'Driscoll / We Monitor Email
t: +353 1 254 9400 | w: www.wemonitoremail.com
Need to understand deliverability? Now there's a book:
dmarc-discuss mailing list
NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/no