Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add support for .co.uk and uk.com domains #549

Open
chriswhitingBCH opened this issue Nov 25, 2024 · 3 comments
Open

Add support for .co.uk and uk.com domains #549

chriswhitingBCH opened this issue Nov 25, 2024 · 3 comments

Comments

@chriswhitingBCH
Copy link

These are both tLDs and should not be tested for SPF, DMARC, etc.

image
@chriswhitingBCH
Copy link
Author

image

@chriswhitingBCH
Copy link
Author

Exclude the onmicrosoft.com too

image

@soulemike
Copy link
Contributor

This is an interesting topic for a couple of reasons:

  1. What is a technical implementation that allows for filtering well-known managed second-level domains? I am not aware of an organization restricting this, just multiple that maintain well-known domains within their own standards.
  2. Technically this is still accepted risk. Microsoft should have parked records for onmicrosoft.com, the UK should have parked records for those top-level and second-level domains. Otherwise your organization has some implicit, al be it very little, trust and thus risk that those could be spoofed.

Open to suggestions on how to identify the first elegantly and then potentially flag as a warning for the second.

@soulemike soulemike mentioned this issue Nov 25, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@soulemike @chriswhitingBCH