On Tue, Jul 28, 2015 at 12:04:22PM +0200, Andreas Pothe wrote:
Am 28.07.2015 um 05:49 schrieb Viktor Dukhovni:
This means that domains hosted for DNS and email by udmedia are automatically DANE-enabled. Out of the ~1600 DANE SMTP domains in my survey, somewhere between 50 and 100 are hosted by udmedia
Can you give some more information about your survey, e. g. its targets, sources for the domain list etc.
Around 75% of the domains are domaints that are tested at dane.sys4.de. The rest are from various additional sources such as the Alexa top 1.000.000 (web sites not email domains being tested for DANE, so the ratio of DANE to non-DANE is multiple orders of magnitude lower).
I didn't heard anything from udmedia until your post today although I'm German too...
At present I have 1648 domains that have passed SMTP DANE validation, 79 of them (final count) are hosted by UD Media. I know no more about them than is published on their website: https://udmedia.de.
I expect that the real number of DANE-enabled domains at UD Media is subtstantially larger than what my survey indicates, because domains that are DANE-enabled by a registrar (rather than the domain owner) are less likely to be tested at dane.sys4.de, and if they don't appear on Alexa, or another "compilation" of domains I'm using, then I won't find them.
Peter Koch (who also responded), is likely in position to do more comprehensive surveys of DNSSEC/DANE at .de domains. I hope he'll publish aggregate DNSSEC numbers for .de from time to time. I don't know whether he's in a position to also scan for associated TLSA records (at the domain's MX hosts).