[trustingtrust]

A temporary solution would be to block all traffic of email to ml domain on computers and vpn used by the military and respond with an error. If anyone outside military computers and emails is sending such classified information this is a bigger problem and not just a typo issue.

Update: missed the part that this is incoming emails problem from non military.

[devrand]

According to the article the issue is non-military originating emails. They used an example of a doctor’s office sending x-rays to a patient but mistyped the TLD.

[ElectricalUnion]

Weird because the USA top level domain is supposed to be .us, with that being one of the first country code top level domains.

[jabroni_salad]

It's my understanding that .gov and .mil were brought over from when those were independent networks, pre-internet.

[hgsgm]

Now do .com, .org, and .net, which are all part of US.

[richij]

No they're not.

[eindiran]

From Wikipedia for .com:

> The domain was originally administered by the United States Department of Defense, but is today operated by Verisign, and remains under ultimate jurisdiction of U.S. law.

.edu holds US-centric requirements today. Not sure about .org, .net, etc.

[0] https://en.wikipedia.org/wiki/.com

[1] https://en.wikipedia.org/wiki/.edu

[gilbertbw]

It sounds like they already do:

> He said that emails sent directly from the .mil domain to Malian addresses “are blocked before they leave the .mil domain and the sender is notified that they must validate the email addresses of the intended recipients”.

One of the examples is a hotel booking confirmation, which would come from a third party.

[lolinder]

This is still a valid suggestion because a lot of the emails are from long-running government contractors. They may not be able to solve all of them, but requiring government contractors to block .ml domains in their email systems would be a start.