I'm considering scrapping the public suffix list thing. :(
Thinking the semantics are too vague. Its real purpose is add checks to browser cookies after a domain has already been resolved (and thus verified existing). For example, this issue reiterates this: publicsuffix/list#570
So really, the question here is: do we support the use case of using the public suffix list on arbitrary inputs, or do we only support the use case of determining the public suffix for a domain which is in the DNS?
I guess the PR is still a better implementation of the ICANN TLD list. And we should still add the fetch & refresh code just for that. (Plus it adds allow/block lists)
But I kinda wanted to do a DNS check any way, so don't think the public suffix list adds much.
sounds right, it should not be needed if we can confirm the domain exists before sending the email
The last time the problem was that the DNS lookup could not be made async?
Think so, yes. Plus we need to do both MX and A lookups, which we can't do using OS facilities, I think. So I was thinking about adding an explicit resolver option, which enables the DNS check with explanation.
I don't understand why PRs aren't built by github actions. Tried tweaking the workflow, but still not working. :/
PRs from outside of the org, that is
Every now and then I see outlook.com fail our DMARC rules. I assume this is legit bad actors trying to send mail from portier.io, but I'm not sure if someone has an account there and can maybe do a quick check to see if https://demo.portier.io works?
@stephank no issues using my outlook.com email
@stephank I let someone test it with hotmail.com and that worked as well
Awesome, thanks! Guess it's nothing to worry about then. :)
It's going to be added to the macOS images in a few weeks
colemickens:matrix.org @colemickens:matrix.org waves at Dylan
Oh, good catch! Will try that now
Two consecutive builds went well, so looks good. :)
Bleh, we also need to figure out why Safari tests are timing out 50% of the time :/
can portier be used for applications outside the web? i was thinking of using it to authenticate users for my game made in rust. I presume all I would need to do is to make a post request to the brokers /auth path?