top | item 46133976

(no title)

34679 | 2 months ago

>which, should be noted, is entirely optional

I wouldn't say entirely. I had a client with a large company contact me on LinkedIn saying that they wanted to buy my product but no one would respond to their emails. Their system was nuking my responses until I set up DMARC reporting, and I had no indication it was happening on my end. No "failed to deliver" message and nothing in the logs, just email that vanished into the ether.

discuss

ZeroConcerns|2 months ago

That's interesting! Can you share which provider their MX record pointed to? Silently disappearing emails are typical Microsoft Forefront antics (but definitely also a misfeature of other products), but mostly when the originating domain has a p=reject DMARC policy. You didn't happen to relax that at the same time you added the reporting parameters?

turnsout|2 months ago

But once your DMARC, DKIM & SPF is configured correctly, there should be no reason for an MTA to reject your mail due to DMARC, right? I have DMARC reporting turned on, but am considering turning it off.

toast0|2 months ago

Back when I ran email for a large sender, I turned DMARC reports off once I got things settled in, and might turn it on to debug issues.

There was nothing to do about the reports most of the time. Just get mad that people are accepting spoofed mail that fails DKIM and SPF.

But mostly, the phishing campaigns with our branding just stopped spoofing addresses. Turns out, lots of email clients don't show the sender address and people who get a phishing email about Service Y from info@johnsplumbingservices.example.com may get phished.