On Mon 20/Dec/2021 18:41:25 +0100 Scott Kitterman wrote:
On Monday, December 20, 2021 12:39:15 PM EST Alessandro Vesely wrote:
On Sun 19/Dec/2021 21:42:16 +0100 Scott Kitterman wrote:
> If the domain owner has suggested that you reject mail from a sub-domain
> that has none of A, AAAA, or MX records, why would you not do that?
Are we sure that's what the domain owner meant to suggest?
An organization can use sp= on its root domain record, or it can define a
DMARC record at some subdomains. So far so good.
Then it turns out that one can also define DMARC record at some non-existing
sub domains, possibly as an alternative to using np=... Now this begins to
look puzzling.
The reason to introduce np= was to select domains that really don't exist.
Why don't we stick to that definition?
What definition are you wondering why we didn't stick to?
Real non-existence. I'm not sure how to define it formally, because it would
be exorbitant to require to try everything. On the other hand an application
probably tried to authenticate SPF, DKIM, and DMARC already. If any of those
record was found, then it's silly to even lookup A/ AAAA/ MX for the purpose to
determine if the domain exists.
Best
Ale
--
_______________________________________________
dmarc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dmarc
