IETF Logo Mail Archive

Re: [DNSOP] [EXTERNAL] Re: RDBD (Related Domains By DNS)

"Brotman, Alex" <Alex_Brotman@comcast.com> Wed, 04 March 2020 12:58 UTC

Return-Path: <Alex_Brotman@comcast.com>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3A5D73A0E5D for <dnsop@ietfa.amsl.com>; Wed, 4 Mar 2020 04:58:54 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=comcast.com header.b=w49Axgho; dkim=pass (2048-bit key) header.d=comcast.com header.b=rsl8s3A8; dkim=fail (1024-bit key) reason="fail (message has been altered)" header.d=comcastcorp.onmicrosoft.com header.b=jeXKBNS7
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rCFq8rB5CHub for <dnsop@ietfa.amsl.com>; Wed, 4 Mar 2020 04:58:52 -0800 (PST)
Received: from mx0a-00143702.pphosted.com (mx0a-00143702.pphosted.com [148.163.145.77]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 51B6F3A0E5F for <dnsop@ietf.org>; Wed, 4 Mar 2020 04:58:52 -0800 (PST)
Received: from pps.filterd (m0184894.ppops.net [127.0.0.1]) by mx0a-00143702.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id 024CtglJ007924 for <dnsop@ietf.org>; Wed, 4 Mar 2020 07:58:52 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=comcast.com; h=from : to : cc : subject : date : message-id : references : in-reply-to : content-type : mime-version; s=20190412; bh=+ck5x7s2FKcLmUL2vtlLhhqWl/z5xdApbJFRzHPK6S4=; b=w49Axgho1pvqViATSC4XY1gHXG0NwdNg9bqoEWC53bBjCI50bjpYgu8eypybcrMttb2x HtNl6pNxq9GJA1/fYhfdC1kfcmiDO98mMt8apiv4gbjsQbXrNnWk46GY5idy/2jSIh9C CGhub7ybeE5UpxBnuWQGZPOMR9wN46fS4C1yUfWtjGHeXJUV7Ch41Bq1RcVliacMsiTJ eaDgHtLOE6Z/nhbukjsDzvTmLjDbvoEx78UFd0wkPTa9ysC9ZMoS51yDloVB7jCuTUbN pxLKnX+OelH3a4OQzxvwZIqZqlVpnqfaWZcwASriJQ52vj2ARX3RCiqrrWVsd0qP2Vy+ fg==
Received: from pacdcmhout01.cable.comcast.com (PACDCMHOUT01.cable.comcast.com [68.87.31.167]) by mx0a-00143702.pphosted.com with ESMTP id 2yfs2pxst1-29 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for <dnsop@ietf.org>; Wed, 04 Mar 2020 07:58:51 -0500
DKIM-Signature: v=1; a=rsa-sha256; d=comcast.com; s=20190412; c=relaxed/simple; q=dns/txt; i=@comcast.com; t=1583326731; x=2447240331; h=From:Sender:Reply-To:Subject:Date:Message-ID:To:CC:MIME-Version:Content-Type: Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=+ck5x7s2FKcLmUL2vtlLhhqWl/z5xdApbJFRzHPK6S4=; b=rsl8s3A8N+c8Q2BvSXuil6CIMBMbFAXhrPXeDQdRzt+fKeQzEOynXIJ9YImNaMlF m/LZq9qlMl/sm37c9kLc9MTERaTzOpHYlZJkyds4sV1IoSKP1RkN4NzfwbV96OeU SiAne/cp+7GKjyn8jusOQ7Y9mYh6FvQ3UHYlbDngY0Vv1xtHd3qz1umJV1SVvmck qmbW1rRJXNRx63eq1t9Y6FH6WfBiZveZBrBRWRdWPvn52y0xwH75VfyOBhaNKV3d oEivjs475qqGorGzvGm34i5feBKo1AmK9+3LrLPfwrfMlCjStLUuPZ/y7OUp//ZA eLSLsE1YIXbQxLKC7UzIRw==;
X-AuditID: 44571fa7-52bff700000036a5-e6-5e5fa60bb4fe
Received: from PACDCEX36.cable.comcast.com (cas-umc02.ndceast.pa.bo.comcast.net [68.87.34.28]) (using TLS with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (Client did not present a certificate) by pacdcmhout01.cable.comcast.com (SMTP Gateway) with SMTP id C2.70.13989.B06AF5E5; Wed, 4 Mar 2020 07:58:51 -0500 (EST)
Received: from PACDCEX52.cable.comcast.com (24.40.2.151) by PACDCEX36.cable.comcast.com (24.40.2.135) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Wed, 4 Mar 2020 07:58:50 -0500
Received: from PACDCEXEDGE01.cable.comcast.com (76.96.78.71) by PACDCEX52.cable.comcast.com (24.40.2.151) with Microsoft SMTP Server (TLS) id 15.0.1473.3 via Frontend Transport; Wed, 4 Mar 2020 07:58:50 -0500
Received: from NAM11-DM6-obe.outbound.protection.outlook.com (104.47.57.168) by webmail.comcast.com (76.96.78.71) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Wed, 4 Mar 2020 07:58:50 -0500
Received: from SN6PR11MB2638.namprd11.prod.outlook.com (2603:10b6:805:58::21) by SN6PR11MB2687.namprd11.prod.outlook.com (2603:10b6:805:54::27) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2772.15; Wed, 4 Mar 2020 12:58:49 +0000
Received: from SN6PR11MB2638.namprd11.prod.outlook.com ([fe80::59d6:351d:d81:6943]) by SN6PR11MB2638.namprd11.prod.outlook.com ([fe80::59d6:351d:d81:6943%7]) with mapi id 15.20.2772.019; Wed, 4 Mar 2020 12:58:49 +0000
From: "Brotman, Alex" <Alex_Brotman@comcast.com>
To: Ben Schwartz <bemasc@google.com>
CC: "dnsop@ietf.org" <dnsop@ietf.org>, Stephen Farrell <stephen.farrell@cs.tcd.ie>
Thread-Topic: [EXTERNAL] Re: [DNSOP] RDBD (Related Domains By DNS)
Thread-Index: AdXxjnC1AAeKZw29QTiE+Dkc1lmpPwAHfRiAAAjD9rAABGqOgAAQxAlg
Date: Wed, 04 Mar 2020 12:58:49 +0000
Message-ID: <SN6PR11MB26389A757CFF5D1CD91742B2F7E50@SN6PR11MB2638.namprd11.prod.outlook.com>
References: <SN6PR11MB263815A3157874070BE86908F7E40@SN6PR11MB2638.namprd11.prod.outlook.com><CAHbrMsBa0rmhP9=qq_g9dBjiui84A7XqW1eC=18EENoOnKTuxg@mail.gmail.com> <SN6PR11MB2638E17F7238590571642988F7E50@SN6PR11MB2638.namprd11.prod.outlook.com> <CAHbrMsDDPHboGFgdP6-n7PyK7V7rr-8CkcKttezxi_k+ZRaKyQ@mail.gmail.com>
In-Reply-To: <CAHbrMsDDPHboGFgdP6-n7PyK7V7rr-8CkcKttezxi_k+ZRaKyQ@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [2001:558:1438:1f:7c55:4ca0:f788:7c16]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: e10be8a0-1e63-4f64-db2b-08d7c03bc864
x-ms-traffictypediagnostic: SN6PR11MB2687:
x-microsoft-antispam-prvs: <SN6PR11MB2687309D44AAFBDF2DE70A21F7E50@SN6PR11MB2687.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:7691;
x-forefront-prvs: 0332AACBC3
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(4636009)(136003)(396003)(346002)(39860400002)(376002)(366004)(199004)(189003)(66476007)(66556008)(64756008)(9686003)(76116006)(66446008)(71200400001)(55016002)(186003)(6506007)(33656002)(53546011)(66946007)(7696005)(81166006)(478600001)(52536014)(81156014)(4326008)(6916009)(54906003)(316002)(5660300002)(86362001)(8676002)(8936002)(2906002)(966005)(16940595002); DIR:OUT; SFP:1102; SCL:1; SRVR:SN6PR11MB2687; H:SN6PR11MB2638.namprd11.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: comcast.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: c83uWmv4TWi0WRmj4lWT+g/rkI+iXmJULZDTDLNVvkGEHJMVpHSBodl4xUQVJ7+lfnxwFfVEoxMgfZNbvno/Sefb6i3qjS9GdaGXiOgOln/W3zonItYbYtvUXx1+OETvZ9m3NAyNmVREPTeFzE5LFuopOzCQipyFgQqAS0aw1sYTs+Tq/QXAYZSSxtrIRNV3lWpmbt0oa0RsQRW7vr46KDoOnEfa99LNDghbDt8a8BRwKvf4FPeHP72p9rz4UJzIxLrFN/6FY3PAoTUXP+NqHR5l0FKFswLkuO3iZXB4pYTbf4uYPiqnCs6mCWGT/G5ngq5IjM5GVTwUNaXogej38fuQdS4miUT2H9ahScw4KqUAKIq49FPkbdcdBYQ2LkdSlJ98OQ8AMhNu0PvIrUj2IK3u3/IZxMO27rN6J3el3+3jG/U2NHPziVRidfNFlKa27tZ6r+6XfRyBefZ6BR9edb27is15wVTPMSQ5JX3uw51fArDIXweGCmS7u0IPzC5lCu/Dc2MC7PfxeGojjFG8wGl2jVt3p9bKxxnrpNdjYFzMLPRKu3SsUMynkw/6ZLXl
x-ms-exchange-antispam-messagedata: JN9AAnHmmr2EJnO8bgN9vfLeyE8D4cGaUYwWaKUxKAyVR06H2SydyaLeFGgJdwgxVhQXGVt7B3iPlzT/11GYA8o7SITKco3z6C02FVfbw6fgQPN+pgb8ZvdG9NdLL64noQl/IKFweDy8w+tSnydycL5OIbMWAJJFo/q1nEKhn9pUb+1bLWLeOa4bAtGvJ7fsYTBxrrOxtw7DfDKif6BVJw==
x-ms-exchange-transport-forked: True
arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=hFyYordb6H3ghjlKJedqd1n1DlBHWvLoYAuvQnlSSYI2C0y/XveCznoJlq0ZR3tJHX6GU/QgiDDHmqvxW41dUl0jDxT7OfaxGdwG1WVJJLTp9nvl5w9dHNWpcBnFt3UppoywyNN1/URVnLCsqawj8BkOsGZBe4ibehM4KPq8/PkYu4rBgnmywvbhhPJQO7G3To8OhlVXFco9yUatIBVrZrCkMXrj2Yqmmiju3+dIkZG6f2+cxp2lAN7JyHFKjUA5wPW3jeDz6oQthkNa+QpgolvKotD++DG+BrHD1hUcag2rBtZ/vWrF2lRKeQ4FbAmQr/5DzWUcuIKshoyr0fhBHw==
arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;bh=BMv2xzfNDhkYWcaf4seewzCmldbgCP9gOjFTfFSp6qI=; b=CykSt2Aj1ZJMz7dMVFf7jeM+fcUCx9nIjNB75teAcZPRGD5CeOIVgODZzow44BShuHA0IpWr5MbvTYGuFm57c5teuhzQ3tOKn/LUoYcy0LYe2K9GWSenongMH4Uf7J65nHXgunF6oBgSVPLQP1UnCqUAG15o2EruzCJMHFVZKxxbFQe4FzRFx/igNhd4gofwFoJUcEnt+l9r1zpbS8ahJoWXB+H/Fndvjb6E7hcYZlU9GjrJN0kt3rgugostE6cBD+5HGmDLmFAJzhA8Lo6hsMmm1wAq44KNk7nOQvdY1YwJ55pkfQ68d3daNHM8R6mS/NGAz4UT/rRIvVH23mhSHA==
arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=comcast.com; dmarc=pass action=none header.from=comcast.com; dkim=pass header.d=comcast.com; arc=none
dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=comcastcorp.onmicrosoft.com; s=selector1-comcastcorp-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;bh=BMv2xzfNDhkYWcaf4seewzCmldbgCP9gOjFTfFSp6qI=; b=jeXKBNS7s/BEWUXfrvvpmqZtTlUzoMQ5re2hh7mfA9hh42pQJSu3wwHy2Jis2wAl22PRahwaH/rSFKBzua62o0MXnEawWlLcBFi1BTEI/l66lONdmkb0wAM14b3bdypftEnLIe43dqO88rF0nJVFm6m7S5I3UvVNMukjmByLWo4=
x-ms-exchange-crosstenant-network-message-id: e10be8a0-1e63-4f64-db2b-08d7c03bc864
x-ms-exchange-crosstenant-originalarrivaltime: 04 Mar 2020 12:58:49.0572 (UTC)
x-ms-exchange-crosstenant-fromentityheader: Hosted
x-ms-exchange-crosstenant-id: 906aefe9-76a7-4f65-b82d-5ec20775d5aa
x-ms-exchange-crosstenant-mailboxtype: HOSTED
x-ms-exchange-crosstenant-userprincipalname: ygO1eFuiKnRQdFf8joAyxiz2qmH95XNbPoqnBrs16wlvTWlY8OMixkqOTgfmQde1GRFIrBeUbgqgXHTXrLJGaDJPbtajmAE8s38JP482h+Y=
x-ms-exchange-transport-crosstenantheadersstamped: SN6PR11MB2687
x-originatororg: comcast.com
Content-Type: multipart/alternative; boundary="_000_SN6PR11MB26389A757CFF5D1CD91742B2F7E50SN6PR11MB2638namp_"
MIME-Version: 1.0
X-CFilter-Loop: Forward
X-Brightmail-Tracker: H4sIAAAAAAAAA01Sa0iTYRTm/b5v2+d08jaXnsxLjShbORVTV0aUSeiPysAIUtTBPlK8tqmk vwwymtrFrJlTceWaQ52ZKF5qhpaBQiReooLMoRYTQU0rRyRtew3897zP85zznHN4WVrczPNn s/IKOXWeMkfKFzLxl6QBoZ6m9LTwEXOg4u9sI0/xZWmSUdRaPwhO0gmWyml+gqGrKMFodFBJ 9GXhcRWXk1XMqcNOZAgzrc91TMGdTnStffZcGeprQxXIgwV8BOqXTU4sZMX4DQW3tBa+SxDj fgSDm9FEmEJQa9vkk8cIgl9rtQxxPaGgoyKYCF8RWD/V0S6Bj8NhcWLIbZLgfdDT+M2NaZwM 6y2dzk4s64NPgWPFg1jioLfDQbloCT4DNy1eLppxVtav290DiXAqWOxGhkRZKdC2TbujPPAF 0JUvuk0I+8LvsXaKRPnB5/kmiqyJwfjyPU3wTrDPbfKIPwVMi1XIlQtYAdofIcQSCBNNlVsX Ogvjd7/zCJbBww3TFp8NH2/83ML7YW1hiiZtAmBiNZXQTxl4Yc4kl1LBQP+QgPBB0HrbxtxD kfptg+qd1TTOh0f6RL174R0wWjfPEPogPBsII+698KDSJiA4BMobGgXbeQMStCKvaIVcESOP jJBHRMd0IffXCW7pQ736zGGEWST1EmmN6WlinrJYU5I7jIClpRKRT5STEqmUJaWcOj9dXZTD aYbRbpaR+omaI5PSxPiKspDL5rgCTv1fpVgP/zJkqIk9/CqsQTa++s7gqzNK/We7TzOj3leD Lgo3YlbnNBWWP6GqhfgWmSRWEDp7qE/+dtcxT/8DDvHymKy6XxPXnaIP7QlKRL1GW5S5ZClZ Z6xuVT2ekVMLMzbfkcnrBttKlvroINeUK65aqimvMZ/PLZ30tjfGZLze493QdV/KaDKVETJa rVH+A9cQK3c2AwAA
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.138, 18.0.572 definitions=2020-03-04_03:2020-03-04, 2020-03-04 signatures=0
X-Proofpoint-Spam-Reason: safe
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/IdL1rg2XVALZ3ciQM04geZbfZoY>
Subject: Re: [DNSOP] [EXTERNAL] Re: RDBD (Related Domains By DNS)
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 04 Mar 2020 12:58:54 -0000

Those are the examples I used, mostly because that’s the world I live in for my day job.

And in agreement with Stephen, we can work to add more clearly defined use cases in the draft.

--
Alex Brotman
Sr. Engineer, Anti-Abuse & Messaging Policy
Comcast

From: Ben Schwartz <bemasc@google.com>
Sent: Tuesday, March 3, 2020 11:55 PM
To: Brotman, Alex <Alex_Brotman@comcast.com>
Cc: dnsop@ietf.org; Stephen Farrell <stephen.farrell@cs.tcd.ie>
Subject: Re: [EXTERNAL] Re: [DNSOP] RDBD (Related Domains By DNS)

It sounds like you're proposing that this would be used as part of an anti-phishing e-mail filtering system.  That seems like a fine use-case, and I would suggest spelling it out precisely in the draft, instead of the current (vague) use cases.

I'm still not entirely clear on how this is supposed to work, which is why I would appreciate the worked example.  It seems like, in addition to RDBD, your filter also needs some kind of "appears-related" heuristic, and a list of "high-trust" domains, on the theory that one should block messages containing repudiated domains that look similar to a high-trust domain.  However, I don't think this is likely to be a reasonable use of the existing rdbd-tags, neither of which amounts to an accusation of phishing per se.  (Consider, for example, the entire ".sucks" TLD.)

Regardless of the use case, I think a more detailed example would be helpful for understanding what heuristics are needed, and to what extent RDBD would make the use case easier.

On Tue, Mar 3, 2020 at 10:09 PM Brotman, Alex <Alex_Brotman@comcast.com<mailto:Alex_Brotman@comcast.com>> wrote:
From the perspective of messaging anti-abuse, this can help when that department goes to an outside source.  If I see “example.com<http://example.com>” and “example-hr.com<http://example-hr.com>”, is there an easy way today to ensure they’re actually related if they’re not registered through the same firm or hosted at the same NS systems?  If one can’t definitively determine that, you might decide that they are spam/phishing messages, and treat them more harshly when trying to determine if they are legit/spam.  For example, I’m pretty sure that “google.com<http://google.com>” and “google-events.com<http://google-events.com>” aren’t related based on the content of the latter’s website, but if I were to receive an email message from google-events.com<http://google-events.com>, it might not be as easy to tell.  As for cousin domains, if you already know that the malicious domain exists, you can assert a negative relationship.  If “example.com<http://example.com>” does not know “examp1e.com<http://examp1e.com>” exists, there would be neither a positive or negative relationship asserted, but the lack of a positive (when others are stated positively/negatively), could be used as some signal by the evaluator.

--
Alex Brotman
Sr. Engineer, Anti-Abuse & Messaging Policy
Comcast

From: Ben Schwartz <bemasc@google.com<mailto:bemasc@google.com>>
Sent: Tuesday, March 3, 2020 5:38 PM
To: Brotman, Alex <Alex_Brotman@comcast.com<mailto:Alex_Brotman@comcast.com>>
Cc: dnsop@ietf.org<mailto:dnsop@ietf.org>; Stephen Farrell <stephen.farrell@cs.tcd.ie<mailto:stephen.farrell@cs.tcd.ie>>
Subject: [EXTERNAL] Re: [DNSOP] RDBD (Related Domains By DNS)

Thanks for the draft.  I haven't been following this, and I found it interesting.

I would appreciate more fully worked use cases to explain the motivation.  What is the use in correlating different domains?  How would one use this to prevent "cousin" attacks?

On Tue, Mar 3, 2020 at 2:12 PM Brotman, Alex <Alex_Brotman@comcast.com<mailto:Alex_Brotman@comcast.com>> wrote:
Hello,

A while ago, Stephen and I had sent out a few versions of this, and we had some discussions and revisions were made.  At the time, discussion waned, however I wanted to pick this up again before the onset of IETF107.

https://datatracker.ietf.org/doc/draft-brotman-rdbd/

 I've had some folks contact me privately, and I saw an inquiry on another list.  There does seem to be some interest, at least in the anti-abuse and research communities, of making this a functional proposition.

To recap, the rough idea is that implementers would be able to positively or negatively confirm relationships between domains.  In the world of anti-abuse and research, these links are not always obvious.  For example, in a large corporation, some teams may go outside acceptable practice and register a domain through another provider.  Or it may be that you have international branches that operate on a different TLD, but you may not have registered with all TLDs.  In the latter case, being able to both positively and negatively state a relationship could be useful for anti-spam/phishing.

Any questions or comments would be greatly appreciated.  Thank you.

--
Alex Brotman
Sr. Engineer, Anti-Abuse & Messaging Policy
Comcast

_______________________________________________
DNSOP mailing list
DNSOP@ietf.org<mailto:DNSOP@ietf.org>
https://www.ietf.org/mailman/listinfo/dnsop

v2.23.0 | Report a Bug | By Email