`psl` does not return valid org domains (unmaintained project)

[titanism]

DMARC lookups are not returning accurate data right now due to the psl library being used.

An example use case is a headerFrom of noreply@pay-dartford-crossing-fine.service.gov.uk.

> require('psl').get('pay-dartford-crossing-fine.service.gov.uk')
'pay-dartford-crossing-fine.service.gov.uk'

Since it is not returning service.gov.uk in the psl.get('pay-dartford-crossing-fine.service.gov.uk') invocation, the orgDomain is not being properly looked up and therefore the DMARC policy returned is none, when it should actually be this one:

❯ dig _dmarc.service.gov.uk txt
_dmarc.service.gov.uk.  1124    IN  TXT "v=DMARC1; p=reject; sp=reject; fo=1; rua=mailto:dmarc-rua@dmarc.service.gov.uk; ruf=mailto:dmarc-ruf@dmarc.service.gov.uk"

We are submitting a pull request now to swap out psl in favor of a different more maintained project.

[titanism]

PR submitted https://github.com/postalsys/mailauth/pull/61 @andris9

[andris9]

Thanks for bringing this up. I was not aware that PSL was so out of date. The proposed parse-domain module is an ESM and incompatible with mailauth, so I went with the tldts module instead. See cab894b54a3544b33a641f377783db67a43bec0e

[titanism]

can you release new version to npm per #62 ? Thank you Andris. 🙏

[andris9]

After additional investigation, it turned out that while the psl module was outdated, it handled pay-dartford-crossing-fine.service.gov.uk correctly. The DMARC record from service.gov.uk does not apply for pay-dartford-crossing-fine.service.gov.uk. So, there was nothing wrong from the start.