It appears that Scott Kitterman <[email protected]> said: > > >On June 22, 2022 2:54:28 AM UTC, John Levine <[email protected]> wrote: >>It appears that Scott Kitterman <[email protected]> said: >>>Not confusing is indeed the tricky part. I think what's wanted is shortest >>>that's longer than the longest PSD. >> >>How about this? >> >>b.a psd=y >>c.b.a NXDOMAIN >>d.c.b.a blah >> >>What's the org domain for e.d.c.b.a? I think it's c.b.a. Is the policy >>domain is d.c.b.a or b.a ? > >I think that because of the b.a record with the pad= tag that's correct for >the org domain, although I'm not sure why anyone >would do that. Without the PSD record it would be d.c.b.a.
Imagine that b.a is something like co.uk, abd d.c.b.a is mail.crumpets.co.uk. I don't think that's a great DMARC setup but it doesn't seem ridiculous. >For policy, it should be b.a, but I'm working from my phone right now and I'm >too lazy to look up what the draft actually says >(vice what I think it says). I think we agree about what we want it to say, you stop the tree walk when you see psd=y/n, the policy domain is the last record you found, org domain is the last record unless it's psd=y in which case it's the level below. I'll do a pull request so we can see if we agree on language. R's, John _______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
