Hi GCA community,
Is there a limit to the number of rua=mailto: … email addresses you can enter in one DNS record?
I appreciate there needs to be a comma separating each email address entry, but wondered if there was an upper limit for a DNS record.
Many thank for your help
Regards
Kevin
Hi Kevin,
From my understanding, it’s recommended to limit yourself to 3-5 email addresses, anything more may result in reports not being delivered.
Isn’t it also advisable not to go above 256 characters on any DNS record
Yes that is correct.
Most commercial DMARC tools will only check for the first 3 email addresses. Don’t go above this value
To fix this you could host a mailing list with multiple recipients. Most parsing tools can manage receiving reports this way as well.
For example I have setup DRUF@domain, and DRUA@domain which forwards to an archive location for reports, and to my processing services. If I wanted I could add more services without making any DNS changes, I just update the list.
I recently had 5 rua addresses configured because I was running POCs with multiple vendors simultaneously. I expected them not to all send reports, but, lo and behold!, they did. I wouldn’t want to rely on that though.
We made a decision and now have just one rua and one ruf.
We were recently looking into this and came across the following excerpt from RFC 7489 section 6.2:
" Receivers MAY impose a limit on the number of URIs to which they will send reports but MUST
support the ability to send to at least two."
https://tools.ietf.org/html/rfc7489#section-6.2
Which was useful to keep in mind.
Thank you for sharing.