Re: [dmarc-ietf] Thoughts on choosing N
John Levine <johnl@taugh.com> Tue, 16 April 2024 18:24 UTC
Return-Path: <johnl@iecc.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A6088C14F684 for <dmarc@ietfa.amsl.com>; Tue, 16 Apr 2024 11:24:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.849
X-Spam-Level:
X-Spam-Status: No, score=-1.849 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.248, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=iecc.com header.b="YwvWZVVB"; dkim=pass (2048-bit key) header.d=taugh.com header.b="nfxb6myQ"
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ePiVnU5p8GqQ for <dmarc@ietfa.amsl.com>; Tue, 16 Apr 2024 11:24:11 -0700 (PDT)
Received: from gal.iecc.com (gal.iecc.com [IPv6:2001:470:1f07:1126:0:43:6f73:7461]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EFBE6C14F601 for <dmarc@ietf.org>; Tue, 16 Apr 2024 11:24:10 -0700 (PDT)
Received: (qmail 82909 invoked from network); 16 Apr 2024 18:24:08 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed; d=iecc.com; h=date:message-id:from:to:cc:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:cleverness; s=143d5661ec248.k2404; bh=xXEs3q9LdsjdenLj2eAyt0x06w4+QqvbObN5PZuXE3Y=; b=YwvWZVVB28KNRWAM5Dg6jqPqaxFBIo5fgegYv4ZvVm0KQm0F2890JQp0sqyVJhs+Q0dxrkOYojXjk0wUxi2oVusHaAOakdZgeTYV1X1/It3UxneyWck3DMB8a0UjhS20sh3xIQSN5eoay9q859S0Znqw1YtLKPDx6qfxEA/zGHE8DPBzNAGbQzPup/mh2bIYegQmKwyJgEl7Umt2hRbFgRRLFsnHT0tDs9RwBA8uEO1stqLUBXpKDYB1TDyd2HBQ24zrtPW9eYqm8lQobYm3ZULSavy31869khOWYTAN4LsYF7MUbQu88q1QUL2sf6PQYgzih+2nbCtIm6sWei+q8g==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed; d=taugh.com; h=date:message-id:from:to:cc:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:cleverness; s=143d5661ec248.k2404; bh=xXEs3q9LdsjdenLj2eAyt0x06w4+QqvbObN5PZuXE3Y=; b=nfxb6myQTwLML6bpnIjtjx9WsfP/gqvqP9OS8qoiGyBo0zWhWeuXfZBHjX5i530kL6z3M8QnQbSaVh1QRV8dBs/C2k6ZLv2uT9yN715rI7QG69wDrLwRzI/ffH4jrZg7Mq/gYBqOSs/DBtvoxxKRNYGK5w2fpWNQM45jvaOhnWQ6HOAix+Za2v/uzO4a9gTK25UuzKeK6hV4ZRQtONvtSYEHOHv9DGiBSqBHWURfi8qeiduV/Zm18B9o5ik5NQuWQWvt176HApf2qCf0IUUtVAPkjW1WoAr1f4bNUtMxC9OZrZR/BuQqfrfe8yXrh9pgG5zsovcYAf/XdKWYKTmqIA==
Received: from ary.qy ([IPv6:2001:470:1f07:1126::78:696d:6170]) by imap.iecc.com ([IPv6:2001:470:1f07:1126::78:696d:6170]) with ESMTPS (TLS1.3 ECDHE-RSA CHACHA20-POLY1305 AEAD) via TCP6; 16 Apr 2024 18:24:08 -0000
Received: by ary.qy (Postfix, from userid 501) id 9AD99888CD13; Tue, 16 Apr 2024 14:24:07 -0400 (EDT)
Date: Tue, 16 Apr 2024 14:24:07 -0400
Message-Id: <20240416182407.9AD99888CD13@ary.qy>
From: John Levine <johnl@taugh.com>
To: dmarc@ietf.org
Cc: sklist@kitterman.com
In-Reply-To: <1B5E0A76-270B-486E-9EA2-F1B936092198@kitterman.com>
Organization: Taughannock Networks
X-Headerized: yes
Cleverness: minimal
Mime-Version: 1.0
Content-type: text/plain; charset="utf-8"
Content-transfer-encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/-f_2elhSJeK1GWrpoMKaZclmnvE>
Subject: Re: [dmarc-ietf] Thoughts on choosing N
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 16 Apr 2024 18:24:16 -0000
It appears that Scott Kitterman <sklist@kitterman.com> said: >In the case of a.b.c.example.com and example.com is in the PSL, the DMARC records in a.b.c.example.com (if present) and example.com >(otherwise) are consulted. The only way to get to b.c.example.com or c.example.com would be to add them to the PSL. These are >what I meant by intermediate records. I get that but in fact there are lots of PSL records underneath .com, more than 900 of them. >I don't find cases where it looks like such things have been added to the PSL, ... We know there aren't any in the PSL more than 5 levels deep but there are plenty shallower than that. I have no idea how many of them are used for mail but a lot of them look plausible. R's, John Here's some of them a2hosted.com cpserver.com adobeaemcloud.com airkitapps.com airkitapps-au.com aivencloud.com kasserver.com awsglobalaccelerator.com siiites.com on-aptible.com myasustor.com balena-devices.com betainabox.com boutir.com bplaced.com cafjs.com canva-apps.com br.com cn.com de.com eu.com jpn.com mex.com ru.com sa.com uk.com us.com za.com ar.com hu.com kr.com no.com qc.com uy.com africa.com gr.com co.com jdevcloud.com wpdevcloud.com cloudcontrolled.com cloudcontrolapp.com cf-ipfs.com cloudflare-ipfs.com trycloudflare.com cdn77-storage.com dnsabr.com cyclic-app.com dattolocal.com dattorelay.com dattoweb.com mydatto.com builtwithdark.com ddns5.com discordsays.com discordsez.com drayddns.com dreamhosters.com mydrobo.com dyndns-at-home.com dyndns-at-work.com dyndns-blog.com dyndns-free.com dyndns-home.com dyndns-ip.com dyndns-mail.com dyndns-office.com dyndns-pics.com dyndns-remote.com dyndns-server.com dyndns-web.com dyndns-wiki.com dyndns-work.com blogdns.com cechire.com dnsalias.com dnsdojo.com doesntexist.com dontexist.com doomdns.com dyn-o-saur.com dynalias.com est-a-la-maison.com est-a-la-masion.com est-le-patron.com est-mon-blogueur.com from-ak.com from-al.com from-ar.com from-ca.com from-ct.com from-dc.com from-de.com from-fl.com from-ga.com from-hi.com from-ia.com from-id.com from-il.com from-in.com from-ks.com from-ky.com from-ma.com from-md.com from-mi.com from-mn.com from-mo.com from-ms.com from-mt.com from-nc.com from-nd.com from-ne.com from-nh.com from-nj.com from-nm.com from-nv.com from-oh.com from-ok.com from-or.com from-pa.com from-pr.com from-ri.com from-sc.com from-sd.com from-tn.com from-tx.com from-ut.com from-va.com from-vt.com from-wa.com from-wi.com from-wv.com from-wy.com getmyip.com gotdns.com hobby-site.com homelinux.com homeunix.com iamallama.com is-a-anarchist.com is-a-blogger.com is-a-bookkeeper.com is-a-bulls-fan.com is-a-caterer.com is-a-chef.com is-a-conservative.com is-a-cpa.com is-a-cubicle-slave.com is-a-democrat.com is-a-designer.com is-a-doctor.com is-a-financialadvisor.com is-a-geek.com is-a-green.com is-a-guru.com is-a-hard-worker.com is-a-hunter.com is-a-landscaper.com is-a-lawyer.com is-a-liberal.com is-a-libertarian.com is-a-llama.com is-a-musician.com is-a-nascarfan.com is-a-nurse.com is-a-painter.com is-a-personaltrainer.com is-a-photographer.com is-a-player.com is-a-republican.com is-a-rockstar.com is-a-socialist.com is-a-student.com is-a-teacher.com is-a-techie.com is-a-therapist.com is-an-accountant.com is-an-actor.com is-an-actress.com is-an-anarchist.com is-an-artist.com is-an-engineer.com is-an-entertainer.com is-certified.com is-gone.com is-into-anime.com is-into-cars.com is-into-cartoons.com is-into-games.com is-leet.com is-not-certified.com is-slick.com is-uberleet.com is-with-theband.com isa-geek.com isa-hockeynut.com issmarterthanyou.com likes-pie.com likescandy.com neat-url.com saves-the-whales.com selfip.com sells-for-less.com sells-for-u.com servebbs.com simple-url.com space-to-rent.com teaches-yoga.com writesthisblog.com ddnsfree.com ddnsgeek.com giize.com gleeze.com kozow.com loseyourip.com ooguy.com theworkpc.com mytuleap.com tuleap-partners.com encoreapi.com onfabrica.com fastly-edge.com fastly-terrarium.com fastvps-server.com mydobiss.com firebaseapp.com fldrv.com forgeblocks.com framercanvas.com freebox-os.com freeboxos.com freemyip.com aliases121.com gentapps.com gentlentapis.com githubusercontent.com appspot.com codespot.com googleapis.com googlecode.com pagespeedmobilizer.com publishproxy.com withgoogle.com withyoutube.com blogspot.com grayjayleagues.com awsmppl.com herokuapp.com herokussl.com impertrixcdn.com impertrix.com smushcdn.com wphostedmail.com wpmucdn.com pixolino.com amscompute.com dopaas.com kilatiron.com webadorsite.com ktistory.com lpusercontent.com barsycenter.com barsyonline.com mazeplay.com miniserver.com atmeta.com meteorapp.com hostedpi.com nfshost.com ddnslive.com myiphost.com blogsyte.com ciscofreak.com damnserver.com ditchyourip.com dnsiskinky.com dynns.com geekgalaxy.com health-carereform.com homesecuritymac.com homesecuritypc.com myactivedirectory.com mysecuritycamera.com net-freaks.com onthewifi.com point2this.com quicksytes.com securitytactics.com serveexchange.com servehumour.com servep2p.com servesarcasm.com stufftoread.com unusualperson.com workisboring.com ddnsking.com myvnc.com servebeer.com servecounterstrike.com serveftp.com servegame.com servehalflife.com servehttp.com serveirc.com servemp3.com servepics.com servequake.com simplesite.com orsites.com operaunite.com authgear-staging.com authgearapps.com skygearapp.com outsystemscloud.com ownprovider.com pgfog.com pagefrontapp.com pagexl.com gotpantheon.com upsunapp.com platter-app.com pleskns.com postman-echo.com pythonanywhere.com qualifioapp.com ladesk.com qbuser.com qa2.com dev-myqnapcloud.com alpha-myqnapcloud.com myqnapcloud.com rackmaze.com rhcloud.com onrender.com dojin.com sakuratan.com sakuraweb.com x0.com logoip.com scrysec.com firewall-gateway.com myshopblocks.com myshopify.com shopitsite.com appchizi.com applinzi.com sinaapp.com vipsinaapp.com bounty-full.com streamlitapp.com try-snowplow.com w-corp-staticblitz.com w-credentialless-staticblitz.com w-staticblitz.com stackhero-network.com playstation-cloud.com myspreadshop.com streak-link.com streaklinks.com streakusercontent.com temp-dns.com dsmynas.com familyds.com mytabit.com reservd.com thingdustdata.com bloxcms.com townnews-staging.com hk.com it.com wafflecell.com reserve-online.com hotelwithflight.com remotewd.com messwithdns.com woltlab-demo.com wpenginepowered.com wixsite.com xnbay.com yolasite.com demo.datadetect.com instance.datadetect.com eu-1.evennode.com eu-2.evennode.com eu-3.evennode.com eu-4.evennode.com us-1.evennode.com us-2.evennode.com us-3.evennode.com us-4.evennode.com paas.hosted-by-previder.com rag-cloud.hosteur.com rag-cloud-ch.hosteur.com jcloud.ik-server.com jcloud-ver-jpc.ik-server.com demo.jelastic.com paas.massivegrid.com jed.wafaicloud.com lon.wafaicloud.com ryd.wafaicloud.com app.lmpm.com members.linode.com ip.linodeusercontent.com apps.fbsbx.com eu.meteorapp.com cloudapp.azure.com customer.mythic-beasts.com caracal.mythic-beasts.com fentiger.mythic-beasts.com lynx.mythic-beasts.com ocelot.mythic-beasts.com oncilla.mythic-beasts.com onza.mythic-beasts.com sphinx.mythic-beasts.com vs.mythic-beasts.com x.mythic-beasts.com yali.mythic-beasts.com cloud.nospamproxy.com static.observableusercontent.com xen.prgmr.com eu.pythonanywhere.com app.render.com alpha.bounty-full.com beta.bounty-full.com api.stdlib.com site.tb-hosting.com pro.typeform.com pages.wiardweb.com js.wpenginepowered.com u2.xnbay.com u2-local.xnbay.com
- Re: [dmarc-ietf] Thoughts on choosing N John Levine
- Re: [dmarc-ietf] WGLC editorial review of draft-i… Alessandro Vesely
- [dmarc-ietf] WGLC editorial review of draft-ietf-… Seth Blank
- Re: [dmarc-ietf] WGLC editorial review of draft-i… John Levine
- Re: [dmarc-ietf] WGLC editorial review of draft-i… Seth Blank
- Re: [dmarc-ietf] WGLC editorial review of draft-i… Douglas Foster
- Re: [dmarc-ietf] WGLC editorial review of draft-i… Alessandro Vesely
- Re: [dmarc-ietf] WGLC editorial review of draft-i… Mark Alley
- Re: [dmarc-ietf] WGLC editorial review of draft-i… Alessandro Vesely
- Re: [dmarc-ietf] SPF follies, WGLC editorial revi… John Levine
- Re: [dmarc-ietf] SPF follies, WGLC editorial revi… Seth Blank
- Re: [dmarc-ietf] SPF follies, WGLC editorial revi… Murray S. Kucherawy
- Re: [dmarc-ietf] WGLC editorial review of draft-i… Murray S. Kucherawy
- Re: [dmarc-ietf] WGLC editorial review of draft-i… Murray S. Kucherawy
- Re: [dmarc-ietf] SPF follies, WGLC editorial revi… Richard Clayton
- Re: [dmarc-ietf] SPF follies, WGLC editorial revi… Seth Blank
- Re: [dmarc-ietf] WGLC editorial review of draft-i… Tero Kivinen
- Re: [dmarc-ietf] WGLC editorial review of draft-i… Alessandro Vesely
- Re: [dmarc-ietf] SPF follies, WGLC editorial revi… Brotman, Alex
- Re: [dmarc-ietf] SPF follies, WGLC editorial revi… Dotzero
- Re: [dmarc-ietf] SPF follies, WGLC editorial revi… Tim Wicinski
- Re: [dmarc-ietf] SPF follies, WGLC editorial revi… Todd Herr
- Re: [dmarc-ietf] SPF follies, WGLC editorial revi… Tim Wicinski
- Re: [dmarc-ietf] SPF follies, WGLC editorial revi… Jim Fenton
- Re: [dmarc-ietf] WGLC editorial review of draft-i… Alessandro Vesely
- Re: [dmarc-ietf] SPF follies, WGLC editorial revi… Brotman, Alex
- Re: [dmarc-ietf] SPF follies, WGLC editorial revi… Todd Herr
- Re: [dmarc-ietf] SPF follies, WGLC editorial revi… Murray S. Kucherawy
- Re: [dmarc-ietf] SPF follies, WGLC editorial revi… John Levine
- Re: [dmarc-ietf] ARC, was WGLC editorial review o… Alessandro Vesely
- Re: [dmarc-ietf] SPF follies, WGLC editorial revi… Tim Wicinski
- Re: [dmarc-ietf] SPF follies, WGLC editorial revi… Laura Atkins
- Re: [dmarc-ietf] SPF follies, WGLC editorial revi… Dotzero
- Re: [dmarc-ietf] SPF follies, WGLC editorial revi… Scott Kitterman
- Re: [dmarc-ietf] WGLC editorial review of draft-i… Scott Kitterman
- Re: [dmarc-ietf] the long march, WGLC editorial r… John R. Levine
- Re: [dmarc-ietf] the long march, WGLC editorial r… Scott Kitterman
- Re: [dmarc-ietf] SPF follies, WGLC editorial revi… Neil Anuskiewicz
- Re: [dmarc-ietf] the long march, WGLC editorial r… Murray S. Kucherawy
- Re: [dmarc-ietf] Thoughts on choosing N Douglas Foster
- Re: [dmarc-ietf] Thoughts on choosing N Alessandro Vesely
- Re: [dmarc-ietf] Thoughts on choosing N Scott Kitterman
- Re: [dmarc-ietf] Thoughts on choosing N Todd Herr
- Re: [dmarc-ietf] Thoughts on choosing N Murray S. Kucherawy
- Re: [dmarc-ietf] Thoughts on choosing N Douglas Foster
- Re: [dmarc-ietf] Thoughts on choosing N John Levine
- Re: [dmarc-ietf] Thoughts on choosing N Douglas Foster
- Re: [dmarc-ietf] Thoughts on choosing N John Levine
- Re: [dmarc-ietf] Thoughts on choosing N Scott Kitterman
- Re: [dmarc-ietf] Thoughts on choosing N (choose 6) Douglas Foster
- Re: [dmarc-ietf] Thoughts on choosing N Todd Herr
- Re: [dmarc-ietf] Thoughts on choosing N Scott Kitterman
- Re: [dmarc-ietf] Thoughts on choosing N John Levine
- Re: [dmarc-ietf] Thoughts on choosing N Scott Kitterman
- Re: [dmarc-ietf] Thoughts on choosing N Scott Kitterman
- Re: [dmarc-ietf] Thoughts on choosing N Todd Herr
- Re: [dmarc-ietf] Thoughts on choosing N Alessandro Vesely
- Re: [dmarc-ietf] Thoughts on choosing N John Levine
- Re: [dmarc-ietf] Thoughts on choosing N Neil Anuskiewicz
- Re: [dmarc-ietf] Thoughts on choosing N Scott Kitterman
- Re: [dmarc-ietf] Thoughts on choosing N Scott Kitterman
- Re: [dmarc-ietf] Thoughts on choosing N Douglas Foster
- Re: [dmarc-ietf] Thoughts on choosing N Alessandro Vesely