Limitations of the Tree Walk method, listed roughly from highest to lowest
importance
Private Registries
The PSL has data on private registries, while the tree walk will only know
about private registries if and when each registry or its clients publish
DMARC policies.
Exceptions
The PSL is easil
It appears that Tim Wicinski said:
>> What should the evaluator do if one of these results in a CNAME that
>> either:
>>
>> a) points outside of the tree
>>
>
>I would say "Follow the CNAME" - consider LargeCo which points many DMARC
>records
>of domains in their portfolio to a record in
On Wed, Mar 30, 2022 at 8:50 AM Brotman, Alex wrote:
> >From section 4.6:
>
> To illustrate, for a message with the arbitrary RFC5322.From domain
>of "a.b.c.d.e.mail.example.com", a full DNS Tree Walk would require
>the following five queries, in order to locate the policy or
>Organiz
>From section 4.6:
To illustrate, for a message with the arbitrary RFC5322.From domain
of "a.b.c.d.e.mail.example.com", a full DNS Tree Walk would require
the following five queries, in order to locate the policy or
Organizational Domain:
* _dmarc.a.b.c.d.e.mail.example.com
* _d