"Public Suffix List Compliance Action Needed: Missing _psl TXT Record" with no pull request

[jdwx]

We received an email about not having a _psl TXT record associated with our included domain.

We are happy to add such a record, but this is the first we've heard of it.

Our domain's inclusion in the PSL was well before pull requests were used, so there isn't one to link to.

What are we meant to put in the TXT record?

[dnsguru]

maintainer here: We're not sending these out see #1849 and readme

[jdwx]

Oh, gosh, that's so strange. Sorry to be part of the noise!

[dnsguru]

No, seriously, it's all good - sounds like some a-hole is sending phish or spam to the listed addresses in the PSL, which has chewed up my afternoon with notices like yours, but you're not the perpetrator and awareness is helpful to us. IF there is anything you can share about the notice you received, that would be very helpful. Was it received to an email address you had listed in the PSL? DId it include links other than the github.com/publicsuffix/list main link? what email address sent it to you? can you include the raw headers in the comments here (redact any private stuff you feel like not sharing)?

…

On Mon, Sep 4, 2023 at 7:16 PM Jeff W ***@***.***> wrote: Oh, gosh, that's so strange. Sorry to be part of the noise! — Reply to this email directly, view it on GitHub <#1846 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AACQTJNLZ7AF6BLIST4KFA3XY2DPRANCNFSM6AAAAAA4KNLG5E> . You are receiving this because you were assigned.Message ID: ***@***.***>

[jdwx]

You bet; least I can do. Yes, it was sent to our address in the PSL.

Selected headers:

Return-Path: <[email protected]>
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=IjsJ5zpI22KJvpUzo0r6O52pLKIfZVDeRrrUftqKc/905h2HKqBBlvmGvzGaVx69o3kah21UZ6e2+8OAGF7S6GZNq3VCsTXilFWETPTILY2GKb3VR+yCJq19OA0Q0GOTXC75JjWWDcD0mo8GxzrAOkeQprxEAdCS4VgZyYwnRlEiQGY8wKKeSGNN89nInzFfI3Ub2EovNzkMdiVGlwQlohUP4fC6m3Oil4N1Hv64FMf7NuDHifa2kibtb0v3AnWx93jMTWF5e9F1sbwTYlKuW10XgE6DGILMQuFgYxs4gaBDkaUiCLHKPvM6VpFBBKnOpmkGTARzl4+mzaQw5Kp3QQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;
 bh=1l7lqKDssauJP6ZhdOJ+NQReV1IIqptv/Q5NEhIiJk4=;
 b=TBA0a3y0TiLVwCKuivy2FC+buqBK2DtYZ5/QxxMAwcs3p3yXQLDJ7/7sLHyVEwXs7ViJk9qCdNf39LTQ/+UWYIS9uCwr8o+G1dveO0RW/L2FuDEDhxHyJlY0l71PKOFBZ6vrquZ+zLOZlc4N2TSiFBnI/EqbmQY5QjA0vsNW8q4OAU+KtWG4BXxvArYMTirJG3WTH32ooncigGDrjO4x6vDFx+xgwQXbZ5Pf7JaXm5MZsfpj7td6FCxvYi7ubUcY4NYnh6lqbThsC9KQOZOumWuoE2cLDtKN59SwVOOShIo1wNLnXTAA3uLObMUiUbh1wImNNcXEkWFMoRNPTjKZEA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=my.ccri.edu; dmarc=pass action=none header.from=my.ccri.edu;
 dkim=pass header.d=my.ccri.edu; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=myccriedu.onmicrosoft.com; s=selector2-myccriedu-onmicrosoft-com;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=1l7lqKDssauJP6ZhdOJ+NQReV1IIqptv/Q5NEhIiJk4=;
 b=j7whPtEm6qBrWN67jLc4zJvM+9ksLnwP95Fkkah9Z7SxJD93MzkJDV58SQZzBavSAwee1BgJntj+ukb2WIdB6SpBL6wDZVQL773vj3kVgj5tKWdRhVR6uyhu0WvXT3VPfSzC2GCIJnV4eOUKLlk4nb78UWKw3GnUmukHg6Fsm4A=
Received: from SN1PR02MB3886.namprd02.prod.outlook.com (2603:10b6:802:31::19)
 by PH0PR02MB8519.namprd02.prod.outlook.com (2603:10b6:510:10c::19) with
 Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6745.32; Mon, 4 Sep
 2023 12:00:06 +0000
Received: from SN1PR02MB3886.namprd02.prod.outlook.com
 ([fe80::e797:5eaa:c099:c0f3]) by SN1PR02MB3886.namprd02.prod.outlook.com
 ([fe80::e797:5eaa:c099:c0f3%3]) with mapi id 15.20.6745.030; Mon, 4 Sep 2023
 12:00:06 +0000
From: "Cooper, Sue (scooper6)" <[email protected]>
Subject: Public Suffix List Compliance Action Needed: Missing _psl TXT Record
Thread-Topic: Public Suffix List Compliance Action Needed: Missing _psl TXT
 Record
Thread-Index: AQHZ3e24xJfWjEJ8r0anVJKPv1kZ8Q==
Date: Mon, 4 Sep 2023 12:00:00 +0000
Message-ID:
 <SN1PR02MB388601B4A2FF43681FFA7CEEC0EBA@SN1PR02MB3886.namprd02.prod.outlook.com>
authentication-results: dkim=none (message not signed)
 header.d=none;dmarc=none action=none header.from=my.ccri.edu;
X-OriginatorOrg: my.ccri.edu

Plaintext body:

Hello,


You are receiving this message because a domain associated with your email =
address has been identified as missing the mandatory _psl TXT record. This =
is required for maintaining your domain's inclusion in Mozilla's Public Suf=
fix List (PSL), pursuant to the PSL guidelines available at https://github.=
com/publicsuffix/list/wiki/Guidelines


If you are not responsible for any domain submission or your domain already=
 contains the correct _psl TXT records, please disregard this message.


The _psl TXT record serves to validate your domain and creates a link betwe=
en the authoritative admin/domain owner and the submitted Public Request (P=
R). It is crucial to note that domains without this record may eventually b=
e removed from the PSL through an automated process.


For private domains, the _psl TXT record also confirms the authenticity of =
the person submitting the domain request and verifies them as an authorized=
 representative of the domain owner. We will not accept patches submitted b=
y third parties on behalf of the domain owner.


To comply with these guidelines, you need to maintain a corresponding DNS T=
XT record called _psl for each suffix included in your domain. This record =
should contain the link to your PR.


For instance, if you've submitted:


alphaexample.com

foo.betaexample.com

*.gammaexample.com


Then the following DNS records should exist:


$ dig TXT _psl.alphaexample.com --> https://github.com/publicsuffix/list/pu=
ll/100

$ dig TXT _psl.foo.betaexample.com --> https://github.com/publicsuffix/list=
/pull/100

$ dig TXT _psl.gammaexample.com --> https://github.com/publicsuffix/list/pu=
ll/100


We recommend you take immediate action to add the necessary _psl TXT record=
s to avoid potential removal from the PSL.  It is important that once valid=
ated, these _psl records should remain intact within your domains to indica=
te continued desire for inclusion in the PSL.

And there is a typically incomprehensible HTML version of the message as well.

[dnsguru]

[email protected] has absolutely nothing to do with the PSL

[jdwx]

Perhaps they have an equally tenuous relationship with email account password security. 🤨

FWIW, I went through the raw message and checked every link by hand, including the ones in the HTML-formatted version.

The whole thing is so strange. The advice isn't wrong, nothing stands out as demonstrably false, and the links seem OK. So, if this is phishing it must be a setup for something down the road.

Maybe it's a class project gone horribly awry? 🤷‍♂️

Perhaps you will invite scooper6 to weigh in with their opinion?