I suggest you ...

Allow root domain to verify subdomains

This idea can be broken down into two seperate ideas, I'd be happy with either.

1. When registering to monitor a domain that is a subdomain of another, for example subdomain.domain.com, the verifcation email should be able to be sent to postmaster@domain.com.

2. Allow an option to monitor a domain and all subdomains.

66 votes
Vote
Sign in
Check!
(thinking…)
Reset
or sign in with
  • facebook
  • google
    Password icon
    I agree to the terms of service
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    Benjamin Maynard shared this idea  ·   ·  Admin →

    4 comments

    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      I agree to the terms of service
      Signed in as (Sign out)
      Submitting...
      • Martin commented  · 

        Any suggestions to work around this?
        We have over 400 subdomains at the university where I work. Far from all have their own abuse address, and even if they had, it would be quite a bit of work to add them all. The torrent that recently surfaced showed us the scope of employees using their work addresses for private reasons, but I'd much prefer being able to contact users based on haveibeenpwned information. Especially since - as you stated on twitter - there is no way to know where and when the email/password combos came from in that particular dump.

        Thank you. :)

      • Magnus commented  · 

        We are a university with hundreds of subdomains and there is no way we can register all with the domain search. To let a domain monitor subdomains would be fantastic.

      • Amivit commented  · 

        I would really like to see this implemented as well. I own a domain with GoogleApps for email, and a "catch-all" that forwards all emails to my inbox.
        So when I register for sites, I use stackexchange@domain.com or facebook@domain.com for example.
        If I could be notified for any & all breaches for the emails on my domain, it would be amazing!

      • Anonymous commented  · 

        Comment on 1:

        This is a bad idea for third level domain owners, such as mywebsite.co.uk, or someone with a free domain such as mywebsite.freehost.com.

      Feedback and Knowledge Base