In article <cal0qlwygtihw5xxt3ptumoishv0wut_frlyzs7d5v1zh_wu...@mail.gmail.com> you write: >Someone in DNSOP, I think, proposed doing the tree walk in the other >direction.
Turns out that won't work because here's what you'd be checking: > _dmarc.paypal.com > _dmarc.baz.paypal.com > _dmarc.bar.baz.paypal.com > _dmarc.foo.bar.baz.paypal.com You can have a NXDOMAIN at _dmarc.paypal.com but a TXT record at _dmarc.bar.baz.paypal.com. You could certainly add heuristics and check plain baz.paypal.com to see if it gives you an NXDOMAIN stop but I have no reason to think that on average it'd actually save queries. It is my impression that most real From: domains are pretty short. I don't think I've ever seen one more than four labels long that wasn't deliberately contrived. Anyone got data on that? R's, John r...@18.183.57.64.in-addr.arpa _______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc