I haven’t done extensive research but here is a live example where treewalk will cause a result change.
From: is in the domain Ret.bmcc.cuny.edu which has no DMARC record.
_dmarc.bmcc.cuny.edu. 300 IN TXT "v=DMARC1; p=quarantine; fo=1;
rua=mailto:dmarc_...@emaildefense.proofpoint.com;
ruf=mailto:dmarc_...@emaildefense.proofpoint.com"
_dmarc.cuny.edu. 3325 IN TXT "v=DMARC1;" "p=none;"
"rua=mailto:dmarc_...@emaildefense.proofpoint.com,mailto:post.mas...@cuny.edu;"
"ruf=mailto:dmarc_...@emaildefense.proofpoint.com,mailto:post.mas...@cuny.edu;"
"fo=1"
Good catch, although in this case I think the most likely result is that
the people at bmcc.cuny.edu will say "who set up Ret.bmcc.cuny.edu?" I
see that bmcc.cuny.edu and cuny.edu both use Proofpoint in front of O365,
while Ret.bmcc.cuny.edu goes directly to O365. There's some other
strangeness; www.cuny.edu is a CNAME for web.cuny.edu which has an MX to
mail-relay.cuny.edu. which has 7 A records pointing to machines running
sendmail.
It might be interesting to set up a web page where you can put in a mail
domain and it'll tell you whether its treatment will change with the tree
walk.
Regards,
John Levine, jo...@taugh.com, Primary Perpetrator of "The Internet for Dummies",
Please consider the environment before reading this e-mail. https://jl.ly
_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc