On Apr 24, 2022, at 8:57 PM, Scott Kitterman <[email protected]> wrote: > > For cases where strict alignment is not appropriate, this issue can be > mitigated by periodically checking the DMARC records, if any, of PSDs above > the organization's domains in the DNS tree and (for legacy [RFC 7489] checking > that appropriate PSL entries remain present). If a PSD domain publishes a > DMARC record without the appropriate psd=y tag, organizational domain owners > can add psd=n to their organizational domain's DMARC record so that the PSD > record will not be incorrectly evaluated to be the organizational domain.
Though the risk’s low, “periodically checking the DMARC records, if any” isn’t particularly reassuring. It’s like saying periodically give your pilot a breathalyzer. :-)
_______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
