On Fri, May 7, 2021 at 1:03 PM Douglas Foster < dougfoster.emailstanda...@gmail.com> wrote:
> *The existence / non-existence test:* > > Given an identifier which is presumed to be a DNS domain name, perfrom a > DNS lookup based on that name. > The query may: > [...] > - return results using data from a parent domain > Can you give an example? Otherwise I don't know what distinction you're trying to make. Is there a query or collection of queries that can ensure that we only > accept results from the identifier domain and not from the parent? > I don't understand. In the "answer" portion of a DNS record, you either get what you asked for (or something matching it like a wildcard), or you don't. Anything else you might get is "glue" data, which as I recall is easy to identify and exclude. > *Wildcard DNS:* > > Wildcard entries create intentional ambiguity. How do we suggest that > wildcard results should be factored into the evaluation? > You can't, as far as I know. That's the nature of wildcard records. *The mail-enabled test:* > > Once existence / non-existence is determined, is it desirable to test for > "mail enabled"? > It may be, but it's historically an expensive test with false negatives, as far as I recall from my time working on mailing list software. Those sorts of probes get you into block lists if you do them a lot. If so, what role should parent-domain results play in answering this > question? > If "Mail Enabled" is relevant, why is the existence of an SPF policy > irrelevant? > I don't understand the purpose of the latter question. -MSK
_______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
