[ietf-dkim] protecting domains that don't exist
Jim Fenton
fenton at cisco.com
Thu Apr 24 09:45:10 PDT 2008
John Levine wrote:
>> OTOH, the converse is likely to be relevant to quite a lot of domains,
>> even if it does not apply to aol.com.
>>
>
> Really? Can you provide some examples of domains that use so many
> subdomains for mail that it's impractical to cover the ones they use
> individually? (Not counting wildcards, we know that's a swamp.) For
> the domains I know, the mail comes from one or a handful of fixed
> subdomains, and any random subdomain is bogus.
>
> OK, please provide a list of such domains and we can special-case them.
>
Any domain with a lot of A records qualifies because you can't tell
whether they're using the subdomain "for mail" or not. And we have
previously decided that trying to publish an assertion whether a domain
is used for mail or not is out of scope for the WG, so the best we can
do is to say something about the signing practices.
-Jim
More information about the ietf-dkim
mailing list