On Sun 03/Apr/2022 18:07:29 +0200 John R Levine wrote:
On Sun, 3 Apr 2022, Alessandro Vesely wrote:

(If the one beneath it has no DMARC record, is it still the org domain? I think it is.)

This seems to be inconsistent with the sentence that follows.  Would the landscape change if .com suddenly publishes psd=y?

Currently with the PSL lookup, foo.com is an org domain whether or not it publishes a DMARC record, and mail.foo.com and sales.foo.com are in relaxed alignment.  While I think it would be reasonable to say that an org domain has to publish a DMARC record if it's going to be used for relaxed alignment, that would be a change from the current rule.


The current definition, Section 3.2.7, replicates the original semantics:

3.2.7.  Organizational Domain

   The Organizational Domain is typically a domain that was registered
   with a domain name registrar.  More formally, it is any Public Suffix
   Domain plus one label.  The Organizational Domain for the domain in
   the RFC5322.From domain is determined by applying the algorithm found
   in Section 4.8.

The last sentence is particular in that Section 4.8 aims at determining the Organizational Domain for /any/ identifier, not just the From: domain. We are assuming that an org domain can be determined for any domain, always.

At the end of Section 4.8, in order to fulfill that assumption, in the absence of DMARC records, "the initial target domain" is promoted to the rank of Organizational Domain of itself. That way, a PSD /is/ an org domain, which formally counters the second sentence in 3.2.7.


Since there is no chance that .com .net .org or other large TLDs will ever publish a PSD record it makes little difference in practice, but if we agree the org domain needs a DMARC record, we should make clear that this is a deliberate change.  It's a good idea since if foo.com has no DMARC record and .com has no PSD record, it won't work as an org domain anyway.


To make the change clearer, I suggest using different terms to indicate "working" org domains and registered domains with no DMARC record. Perhaps using the circumlocution DMARC Organizational Domain could suffice. However, along with the ubiquitous use of other longish terms (such as the above domain in the RFC5322.From domain), it makes for a rather wordy spec. Better names?


Best
Ale
--






_______________________________________________
dmarc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dmarc
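
Added illustration, not part of the message above and not code from the draft or from either poster: the two readings of "Organizational Domain" discussed in this thread, side by side. The one-entry PSL, the dictionary standing in for DNS, and the walk's selection rules (psd=y on a parent, otherwise the published record with the fewest labels) are assumptions; only the last fallback, where the initial target domain becomes its own org domain, is taken from the message.

```python
# Added illustration. The PSL contents, the DNS stand-in and the walk's
# selection rules are constructed assumptions, not text from the draft.

def _names(domain):
    """'mail.foo.com' -> ['mail.foo.com', 'foo.com', 'com'] (target first)."""
    labels = domain.lower().rstrip(".").split(".")
    return [".".join(labels[i:]) for i in range(len(labels))]

def psl_org_domain(domain, psl):
    """Section 3.2.7 reading: a Public Suffix Domain plus one label."""
    names = _names(domain)
    for i, name in enumerate(names):          # longest candidate suffix first
        if name in psl:
            return names[i - 1] if i > 0 else None   # a PSD itself has none
    return None

def walk_org_domain(domain, records):
    """Simplified walk over `records` (name -> DMARC tags), a stand-in for DNS."""
    names = _names(domain)
    for i, name in enumerate(names):
        # A parent publishing psd=y makes the name one label below it the org domain.
        if i > 0 and records.get(name, {}).get("psd") == "y":
            return names[i - 1]
    published = [n for n in names if n in records]
    if published:
        return published[-1]                  # record with the fewest labels
    return names[0]                           # fallback quoted in the message

def relaxed_aligned(a, b, org_of):
    """Relaxed alignment: both identifiers share one organizational domain."""
    oa, ob = org_of(a), org_of(b)
    return oa is not None and oa == ob

if __name__ == "__main__":
    psl = {"com"}                             # constructed one-entry PSL
    cases = [("no records", {}), ("com psd=y", {"com": {"psd": "y"}})]
    for label, records in cases:
        walk = lambda d, r=records: walk_org_domain(d, r)
        print(label, walk("mail.foo.com"), walk("com"),
              relaxed_aligned("mail.foo.com", "sales.foo.com", walk))
    print("PSL", psl_org_domain("mail.foo.com", psl), psl_org_domain("com", psl))
```

With no records anywhere, the walk makes each subdomain (and "com" itself) its own org domain, so the two hosts stop being aligned, while the PSL reading keeps foo.com as the org domain regardless.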
