In article <CABuGu1qGJq2fes9B1vwb1v=jmi3hcydvzdvoi0+zrewc4ry...@mail.gmail.com> you write: >Most MTAs will also follow CNAMEs. Should they be included (along with >other things like DNAME records) within the scope of existence? I'm a >little concerned that we are making a special definition of "non-existence" >which differs from the standard DNS concepts of NODATA and NXDOMAIN without >having a correspondingly special name.
Good catch, you have to chase CNAME and DNAME before deciding whether you've found A/AAAA/MX. >I'm not sure how well this maps to what we describe. I'm also concerned >that a wildcard null MX record at the org level would end up having all >subdomains "exist", but the policy that should be applied would be the more >restrictive "np" policy, not the (possibly) more permissive "sp" policy. That sounds fairly deep into "don't do that" territory. If you are clever enough to publish a wild card MX, you should be clever enough to publish an appropriate DMARC record. Keep in mind that wildcards don't work the way many people think they do, so if you have *.foo.com along with a.foo.com, then the wildcard will match b.foo.com, but not b.a.foo.com. R's, John _______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc