soulemike
commented
1 week ago This one is a bit similar to #549 with the second being you are accepting risk that you trust that domain not to be spoofed by anyone. This is a little more likely to be manipulated too since .cloud is a TLD managed by ICANN, so it isn't an internal only specification.
Similarly though, open to suggestions on how to adequately warn of the risk while ignoring it.
We use internal only domains to route emails between exchange and our email signature management system. DMARC, SPF, etc. etc. should not be run on non-resolvable domains