Open chriswhitingBCH opened 3 days ago
Exclude the onmicrosoft.com too
This is an interesting topic for a couple of reasons: 1) What is a technical implementation that allows for filtering well-known managed second-level domains? I am not aware of an organization restricting this, just multiple that maintain well-known domains within their own standards. 2) Technically this is still accepted risk. Microsoft should have parked records for onmicrosoft.com, the UK should have parked records for those top-level and second-level domains. Otherwise your organization has some implicit, albeit very little, trust and thus risk that those could be spoofed.
Open to suggestions on how to identify the first elegantly and then potentially flag as a warning for the second.
These are both TLDs and should not be tested for SPF, DMARC, etc.
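One way to approach both points raised in the thread, as an added example that is not part of the discussion and not the project's code: walk a domain's parents, stop at the first managed suffix (matched on a label boundary), and return a warning for the untested suffix. The names `plan_checks`, `CheckPlan` and `MANAGED_SUFFIXES`, the sample list entries other than onmicrosoft.com, and the parent-walk behaviour itself are assumptions.

```python
from typing import NamedTuple, Optional

# Constructed sample list. onmicrosoft.com comes from the thread; the UK
# entries are illustrative. A real list would come from a maintained source.
MANAGED_SUFFIXES = frozenset({"onmicrosoft.com", "co.uk", "gov.uk"})


class CheckPlan(NamedTuple):
    to_test: list            # names that should get SPF/DMARC checks
    skipped: Optional[str]   # managed suffix where the walk stopped
    warning: Optional[str]   # accepted-risk note for the skipped suffix


def plan_checks(domain: str, managed=MANAGED_SUFFIXES) -> CheckPlan:
    """Walk from the full name toward the root, stopping at a managed suffix.

    Matching is done on whole labels, so 'notonmicrosoft.com' is not
    mistaken for a name under 'onmicrosoft.com' the way a plain
    str.endswith() test would mistake it.
    """
    # Normalise: trim, drop the trailing root dot, lowercase, split labels.
    labels = [p for p in domain.strip().rstrip(".").lower().split(".") if p]
    to_test = []
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        # A single remaining label is a TLD and is always treated as managed.
        if candidate in managed or i == len(labels) - 1:
            warning = (
                f"{candidate}: not tested (managed by a registry or provider); "
                "its spoofing protection is accepted risk"
            )
            return CheckPlan(to_test, candidate, warning)
        to_test.append(candidate)
    return CheckPlan(to_test, None, None)  # empty input: nothing to test


if __name__ == "__main__":
    # Constructed sample inputs.
    for name in ("Contoso.onmicrosoft.com.", "mail.example.co.uk",
                 "notonmicrosoft.com", "onmicrosoft.com"):
        plan = plan_checks(name)
        print(name, "->", plan.to_test, "|", plan.warning)
```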