Use comma instead of semicolon in AR header comment

[mdomsch]

opendmarc has been emitting these warning messages for quite some time, and does not further process the AAR header:

ignoring invalid ARC-Authentication-Results header "i=1; mail.example.com; dkim=pass (2048-bit key; unprotected) header.d=mail.example-sender.com [email protected] header.a=rsa-sha256 header.s=cpm header.b=n+hM2AZB"

which was traced to the opendmarc code that tokenizes the AAR header by splitting it up by semicolons, not recognizing parenthesis as comments and skipping over them as part of the tokenization.

The AAR header is added by openarc, taking the content from the Authentication-Results header added by opendkim.

The DKIM EBNF doesn't specify anything about the format of the comments, so it's fair for opendkim to have used a semicolon in that comment string. However, it's just as fair for opendkim to use a comma instead of a semicolon in that comment.

Patch replaces the semicolon with a comma. Now opendmarc no longer emits the above warning.

[futatuki]

As far as I read the code of OpenDMARC, how it uses the AAR header information, even if it would not ignore the AAR header added by OpenDKIM + OpenARC, it takes no effect other than removing warning in most case.

Because although OpenDMARC uses only "smtp.client-ip" property in ARC result on i=1 in AAR header, the property should be "smtp.remote-ip" in RFC8617. OpenARC uses "smtp.remote-ip" since the commit https://github.com/trusteddomainproject/OpenARC/commit/c5e19ea37d15c82b7e105b7ee2ca968b7f771231, before 1.0.0-BETA2.

Also OpenARC includes the ARC result in AAR header only if a message has already has AR header of ARC results with its own authserve-id before processing the message.

So I think the issue should be resolved in OpenDMARC side. (I've already rewrite an AAR header parser for OpenDMARC addressed it, by reusing parser for AR header, but not published yet).