I don't understand the issue here: either ret.bmcc inherits from bmcc... or it publishes its own. Why would anything else make sense?
Barry On Sat, Feb 25, 2023 at 2:29 AM Alessandro Vesely <ves...@tana.it> wrote: > > On Fri 24/Feb/2023 21:21:15 +0100 Brotman, Alex wrote: > > While discussing this with someone at the conference yesterday, we thought > > perhaps we could introduce something of a referral. > > > > Currently: > > _dmarc.ret.bmcc.cuny.edu NULL > > _dmarc.bmcc.cuny.edu "v=DMARC1; p=quarantine; fo=1; > > rua=mailto:dmarc_...@emaildefense.proofpoint.com; > > ruf=mailto:dmarc_...@emaildefense.proofpoint.com"; > > _dmarc.cuny.edu > > "v=DMARC1;p=none;rua=mailto:dmarc_...@emaildefense.proofpoint.com,mailto:post.mas...@cuny.edu;ruf=mailto:dmarc_...@emaildefense.proofpoint.com,mailto:post.mas...@cuny.edu;fo=1"; > > > > Proposed: > > _dmarc.bmcc.cuny.edu "v=DMARC1;sp=refer:cuny.edu; p=quarantine; fo=1; > > rua=mailto:dmarc_...@emaildefense.proofpoint.com; > > ruf=mailto:dmarc_...@emaildefense.proofpoint.com"; > > > > Adding the "sp=refer:cuny.edu" would allow the existing policy to be used > > for undeclared subdomains under the third-level domain. This could be > > useful in the situation where an OrgDomain would like to still maintain > > some control over policy for the undeclared domains. > > > I like the ability of allowing a subdomain to publish its own policy without > affecting further subdomains. Indeed, bmcc.cuny.edu features a list of NSes > different from cuny.edu. Now, ret.bmcc.cuny.edu has no NS record, but has an > MX different from bmcc. Clearly its mail management is independent. > > OTOH, we cannot force bmcc to monitor the p= and sp= tags of their parent > domain and change their own sp= tag accordingly. > > However, I dislike refer:cuny.edu. What if they published refer:outlook.com? > > Rather I'd propose sp=inherit. A receiver has to navigate to cuny.edu anyway > if it needs to establish the organizational domain, so it can retrieve the > policy as well. > > > Best > Ale > -- > > > > > > > > > _______________________________________________ > dmarc mailing list > dmarc@ietf.org > https://www.ietf.org/mailman/listinfo/dmarc _______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
