On 11/23/20 8:28 AM, eric.b.chudow.civ=40mail....@dmarc.ietf.org wrote: > Even for .mil, the vast majority of email domains are fairly short with four > or fewer labels. Most of the other ones tend to be individual servers that > send automatic performance emails, and I think should be considered more of > an edge case and less of our concern.
This is the case for us as well (e.g. our comp sci high throughput compute cluster servers send automatic emails to both internal and external research collaborators). I suppose universities are different than the military since the military probably doesn't want their servers to be sending email externally, whereby with a research university cross-institutional collaboration is inherent. I suppose I consider it an edge case too (a large edge case - I see over 200 of these 4th level domains in or DMARC aggregate reports for the example cluster I cite), but the long tail of servers also aren't likely to change the way they are sending email nor will sysadmins implement SPF/DKIM for every server hostname, etc, so these subdomains are a blocker for publishing sp=reject at the org domain (hence a concern within the context of tree walking). While I understand that there are implementation challenges that may make this infeasible, what I would *like* to do is ask each of these departments/research teams to publish sp=none at their 3rd level domains (and take over DMARC responsibilities for their parts of the tree) so that we can publish sp=reject at the org domain to protect/manage the rest of the university. Jesse P.S. Here are some stats. Unique domains used in the RFC5322.From resulting from mail sent externally to DMARC reporting organizations in the past 2 weeks: 23 2nd level (org domains) 464 3rd level (359 are subdomains of wisc.edu) 522 4th level (all are subdomains of wisc.edu) 13 5th level 2 6th level > > > > Thanks, > > > > Eric Chudow > > DoD Cybersecurity Mitigations > > > > ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ > *From:* Laura Atkins [la...@wordtothewise.com] > *Sent:* Monday, November 23, 2020 8:19 AM > *To:* Murray S. Kucherawy > *Cc:* IETF DMARC WG > *Subject:* Re: [dmarc-ietf] tree walk and Org and PSD, Second WGLC for > draft-ietf-dmarc-psd > > > >> On 22 Nov 2020, at 06:06, Murray S. Kucherawy <superu...@gmail.com >> <mailto:superu...@gmail.com>> wrote: >> >> On Sat, Nov 21, 2020 at 6:23 PM John Levine <jo...@taugh.com >> <mailto:jo...@taugh.com>> wrote: >> >> It is my impression that most real From: domains are pretty short. I >> don't think I've ever seen one more than four labels long that wasn't >> deliberately contrived. Anyone got data on that? >> >> >> I'd bet there are some in .gov or .mil, especially the latter, but otherwise >> I think the longest one I've seen is five, and that was not a host that >> receives mail. >> >> I'm sure we can all scrape our own mail logs for evidence either way. > > This might be a place where one (or more) of the big ESPs can help. They’re > going to have billions of email addresses and know which ones have MXs. I’m > happy to ask for that data if it would be of use. > > laura > > -- > Having an Email Crisis? We can help! 800 823-9674 > > Laura Atkins > Word to the Wise > la...@wordtothewise.com <mailto:la...@wordtothewise.com> > (650) 437-0741 > > Email Delivery Blog: https://wordtothewise.com/blog > <https://wordtothewise.com/blog> > > > > > > > > > _______________________________________________ > dmarc mailing list > dmarc@ietf.org > https://www.ietf.org/mailman/listinfo/dmarc > _______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc