[opendmarc-users] DMARC and fraudent emails from spf- and dkim-valid domains
l at avc.su
l at avc.su
Fri Oct 16 11:44:34 PDT 2015
Hello.
I've noticed one thing when setting up an OpenDMARC on my domain (for
example, named example.net):
when I'm sending an email from other domain that has valid SPF and DKIM
(for instance, example.net.com), and that message has "from:
example.net.com" in Envelope-from with "from: example.net" in mime
header, DMARC passes it for example.net.
DNS records for example.net:
_dmarc.example.net = "v=DMARC1; p=none;
rua=mailto:postmaster at example.net; ruf=mailto:postmaster at example.net;
fo=1"
_domainkey.example.net = "t=y; o=~"
How can I block this kind of fraud?
Thank you.
More information about the opendmarc-users
mailing list