[ietf-dkim] protecting domains that don't exist
fenton at cisco.com
Thu Apr 24 09:45:10 PDT 2008
John Levine wrote:
>> OTOH, the converse is likely to be relevant to quite a lot of domains,
>> even if it does not apply to aol.com.
> Really? Can you provide some examples of domains that use so many
> subdomains for mail that it's impractical to cover the ones they use
> individually? (Not counting wildcards, we know that's a swamp.) For
> the domains I know, the mail comes from one or a handful of fixed
> subdomains, and any random subdomain is bogus.
> OK, please provide a list of such domains and we can special-case them.
Any domain with a lot of A records qualifies because you can't tell
whether they're using the subdomain "for mail" or not. And we have
previously decided that trying to publish an assertion whether a domain
is used for mail or not is out of scope for the WG, so the best we can
do is to say something about the signing practices.
More information about the ietf-dkim