An experimental draft isn't the best place for a deployment guide. an operational document that discusses deployment among other things is a different story
On Fri, Jul 19, 2019 at 11:13 PM Scott Kitterman <skl...@kitterman.com> wrote: > On Friday, July 19, 2019 11:30:01 AM EDT Kurt Andersen (b) wrote: > .... > > > > I'm also concerned > > > > that a wildcard null MX record at the org level would end up having > all > > > > subdomains "exist", but the policy that should be applied would be > the > > > > > > more > > > > > > > restrictive "np" policy, not the (possibly) more permissive "sp" > policy. > > > > > > I think this is one of those "you must be this tall to ride on this > ride" > > > situations. DNS comes equipped with multiple footguns and you have to > > > know a > > > bit about what you're doing to make sure you get the effects you're > after. > > > > Perhaps a reminder in the text related to "np" that wildcards may cause > > undesired results and leave it as an exercise for the implementor to > learn > > from that warning. > > It seems like either too much or not enough. This at least slightly > concerns > me because I don't want to warn about the implication of one DNS feature > without being comprehensive. DMARC deployment in any non-trivial > organization > is an inter-disciplinary task, even more so PSD DMARC. I don't think we > want > to take on being a deployment guide, so I'd leave it out. > > Let's see what others think. > > Scott K > > > _______________________________________________ > dmarc mailing list > dmarc@ietf.org > https://www.ietf.org/mailman/listinfo/dmarc >
_______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc