IETF Logo Mail Archive

Re: [dmarc-ietf] Draft 10 notes: NXDOMAIN

Todd Herr <todd.herr@valimail.com> Mon, 27 June 2022 13:52 UTC

Return-Path: <todd.herr@valimail.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 19E1EC15AAC4 for <dmarc@ietfa.amsl.com>; Mon, 27 Jun 2022 06:52:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.108
X-Spam-Level:
X-Spam-Status: No, score=-2.108 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=valimail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JuccEL0F-Hzo for <dmarc@ietfa.amsl.com>; Mon, 27 Jun 2022 06:52:10 -0700 (PDT)
Received: from mail-yb1-xb32.google.com (mail-yb1-xb32.google.com [IPv6:2607:f8b0:4864:20::b32]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2F069C157B36 for <dmarc@ietf.org>; Mon, 27 Jun 2022 06:52:10 -0700 (PDT)
Received: by mail-yb1-xb32.google.com with SMTP id i15so16923714ybp.1 for <dmarc@ietf.org>; Mon, 27 Jun 2022 06:52:10 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=valimail.com; s=google2048; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=wxqMvQ84C8cJi7JwgleGz8FtmidIPkTkt9Be8pXrSE4=; b=LWcTSSfdGfxKz0F8VVrDun4KMW5prfLJjoD6CXftBgnRdWwZBy9Lrk9gpYFqBSTLHX wHCoyofLtonoB1HcWj5yq1pwbxga9/YykFk5ZKQC1NhdRc/fUCwZ6aCHcPqjUQGxaLMP VhA14qNJmPkLLw31O/ehcAHTLMWnJOzMjyRntfshXSYvlFI5crGP8rsa6BwFOSSFBpbk QpXukNvo292tyEIrFRI7WGgwEkxqJQ1wkmD6UeJdmiryrzs8y3cnZgUvWJRhSk+plxP1 ayHd+fFFnTGcwDY15HoHKXGkSQFEDE1crdtjpeb8o1m+Z2/5T4oiyMha3Eyg+M6zyhIN eo2Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=wxqMvQ84C8cJi7JwgleGz8FtmidIPkTkt9Be8pXrSE4=; b=OkaiAJI/XGrrco3wBoKWXbRkeZEZ6SlxzlrFeLKhGeSASJgKA4RHtRidyGV6IvHgfq Daj4gEXhPnNfNUqWhn6RAG/mDHJp9UgkbNwCuBBi7T/DzDWVM4xVKiPoITQmJA/5E7Xr V5uPkSfzKxm/nDzdXfIBLXQYChY/AR06gF7b12QH6z9D4tgu0zfr6IlNXwCueE+67KM+ In1XHOziAF5QD0nWm1w2d/aBQsA6wyHII+AJc6qOcJmOUXmoT03O5pbWm+Xj3ghlMYxs 1qr6q3pFqUsUJuOE5iziELTBPJO4gVbEzpIkDqqUgprV2tQ1hG707UeAcFhmM9wkj6BA MQ6w==
X-Gm-Message-State: AJIora+bvT/CZrHIIn4RcTkmqhhl3srB0nXMmes/7TfAYlcwvGyz3/G3 PWPfpFy1xIi9TxbMsGGNjbT/P6NLfO/wvKj/+BBrAg==
X-Google-Smtp-Source: AGRyM1vxqv+K0sBJkl2Qt3ZV2znrsTYwQqqbLxJaQ+uOTC14osrbLmlNpyFApxs2Byi8+LEh5W2n9+dHCHxtGPRiV8k=
X-Received: by 2002:a25:b314:0:b0:66c:b307:e67e with SMTP id l20-20020a25b314000000b0066cb307e67emr7004807ybj.598.1656337928815; Mon, 27 Jun 2022 06:52:08 -0700 (PDT)
MIME-Version: 1.0
References: <CAH48Zfy4mKG=K+YamFiQVSt0D-oDPOBDaJLsW3iX7HucCQRV+g@mail.gmail.com>
In-Reply-To: <CAH48Zfy4mKG=K+YamFiQVSt0D-oDPOBDaJLsW3iX7HucCQRV+g@mail.gmail.com>
From: Todd Herr <todd.herr@valimail.com>
Date: Mon, 27 Jun 2022 09:51:52 -0400
Message-ID: <CAHej_8nve0nevJ5=F7MPCQc4s=KPjQqNe++KOhiYbJPh_Q0yUg@mail.gmail.com>
To: Douglas Foster <dougfoster.emailstandards@gmail.com>
Cc: IETF DMARC WG <dmarc@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000e020a105e26e393c"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/MPDMCzRGHPjPqewiVbjIoLYhb3k>
Subject: Re: [dmarc-ietf] Draft 10 notes: NXDOMAIN
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 27 Jun 2022 13:52:14 -0000

On Sun, Jun 26, 2022 at 1:27 PM Douglas Foster <
dougfoster.emailstandards@gmail.com> wrote:

> Our draft references and repeats RFC 8020, which asserts that
>
> "when a DNS resolver receives a response with a response code of NXDOMAIN,
> it means that the domain name which is thus denied AND ALL THE NAMES UNDER
> IT do not exist."
>
> My testing indicates that this is not correct.   NXDOMAIN means that no
> resource records exist for the specified domain name.  The domain may
> contain subdomain nodes which may contain resource records.
>
> My testing performed on Windows.
>
> Can someone else test this and report your results?
>
>
It might help further the discussion if you were to favor the rest of us
with the examples you used.

Specifically, for which domain name did you query and received an NXDOMAIN
response, and for which subdomain node of that domain did you query and
receive resource record(s) in return?
-- 

*Todd Herr * | Technical Director, Standards and Ecosystem
*e:* todd.herr@valimail.com
*m:* 703.220.4153

This email and all data transmitted with it contains confidential and/or
proprietary information intended solely for the use of individual(s)
authorized to receive it. If you are not an intended and authorized
recipient you are hereby notified of any use, disclosure, copying or
distribution of the information included in this transmission is prohibited
and may be unlawful. Please immediately notify the sender by replying to
this email and then delete it from your system.

v2.23.0 | Report a Bug | By Email