[opendmarc-users] How to deal with blocked DMARC reports

Grant Taylor gtaylor at tnetconsulting.net
Sat Jan 5 10:59:06 PST 2019


On 1/3/19 7:31 AM, Benny Pedersen wrote:
> imho best way to solve is to create a new specifik milter to test that 
> mailto: can be mailed to, if not succee tempfail senders that shoot them 
> self in foots,

I have a hard time accepting the idea of configuring my server to refuse 
to accept email because the admin of the sending domain has 
misconfigured an /optional/ reporting / security feature.

I feel like rejecting email based on a bad reporting email address for 
DMARC is *WAY* more Draconian than rejecting email when sending domains 
have "…-all" in their SPF record.  (I digress.)

> why would domain owners like to have dmarc reporting when there mailserver 
> does not accept it

I don't know that "like" is the best description here.  Ignorance, 
misconfiguration, misunderstanding dome to mind as legitimate reasons 
why there might be a bad email address in the DMARC record.



-- 
Grant. . . .
unix || die

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4008 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://www.trusteddomain.org/pipermail/opendmarc-users/attachments/20190105/fdf3ea46/attachment.bin>


More information about the opendmarc-users mailing list