Allow root domain to verify subdomains
This idea can be broken down into two seperate ideas, I'd be happy with either.
1. When registering to monitor a domain that is a subdomain of another, for example subdomain.domain.com, the verifcation email should be able to be sent to email@example.com.
2. Allow an option to monitor a domain and all subdomains.
Any suggestions to work around this?
We have over 400 subdomains at the university where I work. Far from all have their own abuse address, and even if they had, it would be quite a bit of work to add them all. The torrent that recently surfaced showed us the scope of employees using their work addresses for private reasons, but I'd much prefer being able to contact users based on haveibeenpwned information. Especially since - as you stated on twitter - there is no way to know where and when the email/password combos came from in that particular dump.
Thank you. :)
We are a university with hundreds of subdomains and there is no way we can register all with the domain search. To let a domain monitor subdomains would be fantastic.
I would really like to see this implemented as well. I own a domain with GoogleApps for email, and a "catch-all" that forwards all emails to my inbox.
So when I register for sites, I use firstname.lastname@example.org or email@example.com for example.
If I could be notified for any & all breaches for the emails on my domain, it would be amazing!
Comment on 1:
This is a bad idea for third level domain owners, such as mywebsite.co.uk, or someone with a free domain such as mywebsite.freehost.com.