[ietf-dkim] Are lookalike domains like parent domains?
Tony Finch
dot at dotat.at
Thu May 1 04:53:44 PDT 2008
On Wed, 30 Apr 2008, Arvel Hathcock wrote:
>
> Enter the NXDOMAIN check. If, as part of the ADSP algorithm, an
> NXDOMAIN check is performed, the algorithm can quickly detect that the
> domain doesn't exist and that _this_ might be the reason there is no
> ADSP record. This added insight closes the hole and can be used by
> filtering agents.
NXDOMAIN is the wrong check. A domain is not a valid mail domain if it has
neither MX nor A nor AAAA records. If it has a TXT record then a lookup
will not return NXDOMAIN even though it is not a valid mail domain.
Tony.
--
f.anthony.n.finch <dot at dotat.at> http://dotat.at/
BISCAY: SOUTHWEST 5 BACKING SOUTH 4. ROUGH BECOMING MODERATE. SHOWERS. GOOD.
More information about the ietf-dkim
mailing list