Page MenuHomePhabricator

Domains of most projects do not have DMARC policy
Open, NormalPublic

Description

For domains in this list there are no DNS records for SPF and DMARC:

  • mediawiki.org
  • wikibooks.org
  • wikinews.org
  • wikiquote.org
  • wikisource.org
  • wikiversity.org
  • wikivoyage.org
  • wiktionary.org

This creates a potential vulnerability, because anyone can send a letter on behalf of the Wikimedia project. Since, as far as I know, these domains are not used to send messages, the policy can be specified as restrictive as possible (p=reject; sp=reject).

Event Timeline

putnik created this task.Dec 7 2018, 5:15 AM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptDec 7 2018, 5:15 AM
SerDIDG added a subscriber: SerDIDG.Dec 7 2018, 5:17 AM
putnik updated the task description. (Show Details)Dec 7 2018, 5:39 AM
Dzahn moved this task from Backlog to DMARC on the Mail board.Dec 11 2018, 7:53 PM
herron triaged this task as Normal priority.Jan 4 2019, 4:42 PM