On June 28, 2022 6:02:54 PM UTC, Todd Herr <[email protected]> wrote: >On Mon, Jun 27, 2022 at 8:36 PM Douglas Foster < >[email protected]> wrote: > >> My testing was done more than a year ago. My recollection is that I >> discovered it based on something in the wild, and then confirmed it with a >> locally-configured experiment. This time I am having trouble finding >> examples. >> >> The only one I can verify is from a previous email exchange on this forum: >> >> mail.foodnetwork.com >> returns NXDOMAIN >> >> but >> _dmarc.mail.foodnetwork.com >> returns DATA for type=TXT >> > >Thank you for the further information. > >In regards to RFC 8020, rev -10 of DMARCbis currently reads as follows: > >7.8. <#section-7.8>Domain Existence Test <#name-domain-existence-test> > >RFC 7489 used the test specified in [RFC5321 <#RFC5321>] to determine a >domain's existence. This test requires up to three DNS lookups for the MX, >A, and AAAA RRs for the name in question.ΒΆ <#section-7.8-1> > >This version of the protocol relies solely on the test for existence as >defined in [RFC8020 <#RFC8020>]. If a query for a name returns NXDOMAIN, >then the name does not exist. > ><#section-7.8-2> >But I'm not sure that this is correct, especially not the first sentence, >because here's what RFC 7489 has to say on the topic: > > ...
The first sentence is from RFC 9091 and should be deleted. At some point in the DMARCbis work we did decide to go with the RFC 8020 approach, but it looks like the document update was incomplete. >used the test specified in RFC 5321 to determine a domain's >existence." This would argue for the text of "Domain Existence > >Test" in DMARCbis to be reworded. > > >The "np" tag didn't exist in RFC 7489, and it's not clear to me that >RFC 7489 cared all that much about whether a domain existed. > >In DMARCbis, however, the "np" tag does exist, and so it seems we must >settle on a way to determine whether or not a domain exists, > >and RFC 8020 seems to be the more efficient method than RFC 5321, as >it requires just one query, not three. I think that's what we wanted, but only updated things incompletely. Scott K P.S. Sorry if I butchered the snipping. Soooooo many words to sort out on my phone. _______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
