Add NoSpamProxy sub domain: o365.cloud.nospamproxy.com #2291

@janjaeschke (Contributor) commented Nov 27, 2024

Public Suffix List (PSL) Submission

Checklist of required steps

  • Description of Organization

  • Robust Reason for PSL Inclusion

  • DNS verification via dig

  • Each domain listed in the PRIVATE section has and shall maintain at least two years remaining on registration, and we shall keep the _psl TXT record in place in the respective zone(s).

Submitter affirms the following:

  • We are listing any third-party limits that we seek to work around in our rationale such as those between IOS 14.5+ and Facebook (see Issue #1245 as a well-documented example)
  • This request was not submitted with the objective of working around other third-party limits.
  • The submitter acknowledges that it is their responsibility to maintain the domains within their section. This includes removing names which are no longer used, retaining the _psl DNS entry, and responding to e-mails to the supplied address. Failure to maintain entries may result in removal of individual entries or the entire section.
  • The Guidelines were carefully read and understood, and this request conforms to them.
  • The submission follows the guidelines on formatting and sorting.

Abuse Contact: [email protected]

  • Abuse contact information (email or web form) is available and easily accessible.

    URL where abuse contact or abuse reporting form can be found:

https://www.nospamproxy.de/en/cybersecurity-product-security-incident-response-team-psirt/


For PRIVATE section requests that are submitting entries for domains that match their organization website's primary domain, please understand that this can have impacts that may not match the desired outcome and take a long time to rollback, if at all.

To ensure that requested changes are entirely intentional, make sure that you read the affectation and propagation expectations, that you understand them, and confirm this understanding.

PR Rollbacks have lower priority, and the volunteers are unable to control when or if browsers or other parties using the PSL will refresh or update.

(Link: about propagation/expectations)

  • Yes, I understand. I could break my organization's website cookies and cause other issues, and the rollback timing is acceptable. Proceed anyways.

Description of Organization

The Net at Work GmbH is based in Germany and is the vendor of an email security product called "NoSpamProxy". (Product Website: https://nospamproxy.de)
Besides the possibility to run NoSpamProxy on-premises, we provide a SaaS platform which allows booking a customer-unique hosted instance. Currently both environments share the subdomain "o365.cloud.nospamproxy.com". It would be useful if the browser could handle the different environments correctly when a customer is using both environments.
A customer accesses a management UI and callback functions below the "o365.cloud.nospamproxy.com" domain.

Organization Website: https://www.netatwork.de

Reason for PSL Inclusion

We would like to implement cookie security between subdomains.
Each property is usually a completely separate business and we want to prevent cross-engine cookie pollination for the management/monitoring UI and callbacks per customer.
Domain holding period:
nospamproxy.com (Domaintools.com):

  • registered: 2003-09-07 (18 years)
  • current expiration: 2025-09-08

Number of users this request is being made to serve:

DNS Verification

dig +short TXT _psl.o365.cloud.nospamproxy.com
"https://github.com/publicsuffix/list/pull/2291"

@janjaeschke janjaeschke marked this pull request as ready for review November 27, 2024 06:11
@janjaeschke (Contributor Author)

Please re-run the validation test. DNS verification is published now.

@wdhdev (Contributor) commented Nov 27, 2024

  • nospamproxy.com needs its expiry to be above 2 years.
  • Please provide the user count as well.

@simon-friedberger (Contributor)

@janjaeschke But you are running all the instances for your customers, right? Can't you make sure to use __Host- cookies everywhere?

@janjaeschke (Contributor Author)

@simon-friedberger no, not all instances. There are environments out of our control.
In general we appreciate the "__Host-" cookie benefit, but from our point of view this will only solve the potential issue in the far future.
Besides the implementation time, we cannot ensure that all customers update their environment as soon as possible. The PSL entry will solve this because it will be used way faster in customer clients than our software will be updated.

@wdhdev I will trigger an extension, sorry for missing that point.
Customer wise we have round about 6000 customers.

@simon-friedberger (Contributor)

@janjaeschke Do make sure to try to implement the change to move to __Host- cookies!

Because this

> The PSL entry will solve this because it will be used way faster in customer clients than our software will be updated.

is probably not true for all clients! The major browsers only update the list when there is a software update for the browser!
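
The `__Host-` cookie requirements raised in this thread, as an added example that is not part of the original discussion or of the project's code: a browser accepts a `__Host-` cookie only if it carries `Secure`, `Path=/` and no `Domain` attribute, which keeps it bound to the exact host that set it whether or not the client's PSL copy has the new entry. The function names and the sample `Set-Cookie` values are constructed for illustration.

```javascript
// Added example: audit Set-Cookie header values against the __Host- prefix rules.
// Function names are hypothetical; the sample headers are constructed, not captured traffic.

// Split one Set-Cookie header value into the cookie name and its attributes.
function parseSetCookie(header) {
  const [pair, ...attrParts] = header.split(';');
  const eq = pair.indexOf('=');
  const name = (eq === -1 ? '' : pair.slice(0, eq)).trim();
  const attrs = {};
  for (const part of attrParts) {
    const i = part.indexOf('=');
    const key = (i === -1 ? part : part.slice(0, i)).trim().toLowerCase();
    if (key) attrs[key] = i === -1 ? true : part.slice(i + 1).trim();
  }
  return { name, attrs };
}

// Return the reasons why a cookie is NOT locked to the host that set it.
// An empty list means the cookie satisfies every __Host- requirement.
function hostLockFindings(header) {
  const { name, attrs } = parseSetCookie(header);
  const findings = [];
  if (!name.startsWith('__Host-')) findings.push('missing __Host- prefix');
  if (!('secure' in attrs)) findings.push('missing Secure');
  if ('domain' in attrs) {
    findings.push(`Domain=${attrs.domain} widens scope to sibling hosts`);
  }
  if (attrs.path !== '/') findings.push('Path must be exactly /');
  return findings;
}

// Constructed samples: a domain-wide cookie, a correct __Host- cookie,
// and a __Host- cookie that a browser would reject because of Domain.
const samples = [
  'session=abc123; Domain=o365.cloud.nospamproxy.com; Path=/; Secure; HttpOnly',
  '__Host-session=abc123; Path=/; Secure; HttpOnly; SameSite=Lax',
  '__Host-session=abc123; Domain=o365.cloud.nospamproxy.com; Path=/; Secure',
];

function audit(headers) {
  return headers.map((h) => ({ header: h, findings: hostLockFindings(h) }));
}

for (const r of audit(samples)) {
  console.log(r.findings.length ? 'FAIL' : 'OK  ', r.header, r.findings);
}
```
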

@janjaeschke (Contributor Author)

@simon-friedberger we will make sure to enhance our implementation.
We are aware of the delayed usage of the PSL by missing browser updates, from our point of view it is more likely that the customers update the client browser faster than our implementation and software update enrollment.

So we would have a faster security enhancement with the additional PSL listing until the improvement will be done.

@simon-friedberger simon-friedberger merged commit ebe7003 into publicsuffix:main Dec 2, 2024
2 checks passed