[opendmarc-users] How to deal with blocked DMARC reports

Grant Taylor gtaylor at tnetconsulting.net
Sat Jan 5 10:52:50 PST 2019


On 1/2/19 8:07 PM, Philip wrote:
> Hi there,

Hi,

> I'm just wondering how everyone deals with dmarc reports that bounce 
> because:
> 
> a. the address in the dmarc record isn't valid.
> b. the dmarc report isn't accepted by the server.

I can't say as I've run into this particular problem on my personal server.

> I'm currently just adding domains to a list.. but this is getting 
> annoying.  I'm wondering if there's a more automated solution.

Would it be possible to alter how OpenDMARC sends the outgoing reports? 
Specifically append NOTIFY=NEVER to the RCPT command?

My understanding is that MTAs (that support the standard from 2003) will 
simply never return a DSN for messages with NOTIFY=NEVER.  Thus the 
problem (as I understand it) evaporates.

I would worry that any other workaround / script / etc would simply be a 
kludge and subject to failures.  Not the least of which is detecting 
with an admin fixes their broken record so they can start receiving 
DMARC reports.

If I'm missing something, please tell me what it is.



-- 
Grant. . . .
unix || die

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4008 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://www.trusteddomain.org/pipermail/opendmarc-users/attachments/20190105/09cbc2d6/attachment.bin>


More information about the opendmarc-users mailing list