not necessarily, there are a bunch of nip05s that are valid but noStrudel isn't able to check them due to CORS. other native clients like damus and amethyst can check them because they aren't restricted by the browser
Discussion
i've put an issue up on the nips repo because i think that if it's required for web browsers it should say as much in the spec so that people deploying NIP-05 services are alerted to this issue
otherwise we are letting down web app users with the whole purpose of the thing being to impersonations and fraudulent user metadata