The issue here, Tim, is that the current way of checking the PSL would send you to the DMARC record for cuny.edu and p=none, while using the new tree walk would send you to the DMARC record for bmcc.cuny.edu and p=quarantine.
In this case, it’s showing that the tree walk is the better mechanism, because it’s pretty clear that it matches the publisher’s intent. But Elizabeth is pointing out that it DOES change the result, which means that the result depends upon which version of the DMARC spec the receiving domain is using. Barry On Thu, Feb 23, 2023 at 3:51 PM Tim Wicinski <tjw.i...@gmail.com> wrote: > > Elizabeth, > > (speaking as a DNS person). I think this is "OK" - at my last job we set > up DMARC records which stricter in certain subdomains than > the parent domain. (Now I need to go find the machine where I left my code > which did all this validation). > > > (As a DNS person I want to find the folks who put in the TXT record for _ > dmarc.cuny.edu and ask them to quote their string. But that's > my OCD). > > tim > > > On Thu, Feb 23, 2023 at 5:30 PM Elizabeth Zwicky <zwicky= > 40otoh....@dmarc.ietf.org> wrote: > >> >> I haven’t done extensive research but here is a live example where >> treewalk will cause a result change. >> >> From: is in the domain Ret.bmcc.cuny.edu which has no DMARC record. >> >> _dmarc.bmcc.cuny.edu. 300 IN TXT "v=DMARC1; p=quarantine; >> fo=1; rua=mailto:dmarc_...@emaildefense.proofpoint.com; ruf=mailto: >> dmarc_...@emaildefense.proofpoint.com" >> >> _dmarc.cuny.edu. 3325 IN TXT "v=DMARC1;" "p=none;" >> "rua=mailto:dmarc_...@emaildefense.proofpoint.com,mailto: >> post.mas...@cuny.edu;" "ruf=mailto:dmarc_...@emaildefense.proofpoint.com >> ,mailto:post.mas...@cuny.edu;"; "fo=1" >> >> Elizabeth Zwicky >> _______________________________________________ >> dmarc mailing list >> dmarc@ietf.org >> https://www.ietf.org/mailman/listinfo/dmarc >> > _______________________________________________ > dmarc mailing list > dmarc@ietf.org > https://www.ietf.org/mailman/listinfo/dmarc >
_______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
