Why DMARC's new "NP" tag can fail with DNSSEC

A new DMARC specification update introduces an 'np' tag for non-existent subdomains, but it conflicts with existing DNSSEC standards. This incompatibility creates potential security gaps for organizations using DNSSEC with major providers.
Matteo 18 min. read The recently updated DMARC specification, published as RFC 9989, introduces the new np tag. Its purpose is to specify the policy that receivers should apply when the sender domain is a non-existent subdomain of the domain where the DMARC record is published.
Get the full story
Sign up for Headlinne to unlock AI insights, political bias analysis, and your personalized news feed.
Create free accountAlready have an account? Sign in