Hello,
The problem that DMARC solves over the SPF -all and ADSP discardable
mechanisms is that it allows you to see where authentication failures
are coming from (which IP addresses) so you can fix errors/oversights
before you disrupt legitimate email flow. The recommended action is
therefore to review the failures and ensure that they aren't:
* your own flows, with SPF/DKIM misconfiguration; or
* third-party flows sent legitimately on your organisation's behalf
(outsourced marketing functions, transactional systems, ...) but
without appropriate authentication (generally DKIM with a different
selector(-pair))
before you turn on p=reject.
- Roland
------------------------------------------------------------------------
On 13/5/19 2:44 am, MyKonfidi Solar wrote:
Hey
Request you to suggest what exactly we are supposed to watch in th
dmarc reports. I had been getting all these xml files, earlier, later
i tuned to https://dmarcanalyzer.com <https://www.dmarcanalyzer.com/>,
and now to https://mxtoolbox.com <https://mxtoolbox.com/>. nowehere i
am given to understand the action statement.
regards
Chetan Agrawal
India
On Fri, 10 May 2019 at 07:32, Roland Turner via dmarc-discuss
<dmarc-discuss@dmarc.org <mailto:dmarc-discuss@dmarc.org>> wrote:
Hi Andrew,
The first question is what you're seeing in the aggregate feedback
reports (Dmarcian, Agari, etc. provide the means to do this).
These should be watched for a period of time (I'd suggest weeks)
to ensure that all is well before you turn on p=reject. The most
important new capability that DMARC provides over previous
approaches is this ability to see what's happening in receiving
environments and to correct errors in your configuration (or your
understanding of how your domain is used) before you adopt a
stricter policy.
- Roland
On 10/5/19 1:55 am, Wojtowicz, Andrew via dmarc-discuss wrote:
I’m a newbie with dmarc. I’ve been playing around with some
generators and I thought I had it setup right but found out today
one of my staff members sent out an notification email, that uses
blackboard, and it didn’t go to all gmail and yahoo users.
Saw this message in log..
SMTP error from remote mail server after pipelined end of data:
550-5.7.1 Unauthenticated email from /(My domain)/ is not
accepted due to\n550-5.7.1 domain's DMARC policy. Please contact
the administrator of\n550-5.7.1 /(My Domain)/ domain if this was
a legitimate mail. Please visit\n550-5.7.1
https://support.google.com/mail/answer/2451690
<https://support.google.com/mail/answer/2451690> to learn about
the\n550 5.7.1 DMARC initiative. z37si617489qvc.90 - gsmtp
Where can I get some help on setting up the correct dmarc dns
setting?
Thank you
Andrew Wojtowicz
Network Engineer
Tenafly Public Schools
500 Tenafly Rd
Tenafly, NJ 07670
Work - (201) 816-4555
Cell – (201) 563-9661
Email - awojtow...@tenafly.k12.nj.us
<mailto:awojtow...@tenafly.k12.nj.us>
shield logo (Custom) (2)
/NOTICE: This email message, including any attachment(s), is for
the sole use of the intended recipient and may contain
confidential and privileged information. Any unauthorized review,
use, disclosure or distribution is prohibited. If you are not the
intended recipient, please contact the sender by reply email and
destroy all copies of the original message. /
_______________________________________________
dmarc-discuss mailing list
dmarc-discuss@dmarc.org <mailto:dmarc-discuss@dmarc.org>
http://www.dmarc.org/mailman/listinfo/dmarc-discuss
NOTE: Participating in this list means you agree to the DMARC Note Well
terms (http://www.dmarc.org/note_well.html)
_______________________________________________
dmarc-discuss mailing list
dmarc-discuss@dmarc.org <mailto:dmarc-discuss@dmarc.org>
http://www.dmarc.org/mailman/listinfo/dmarc-discuss
NOTE: Participating in this list means you agree to the DMARC Note
Well terms (http://www.dmarc.org/note_well.html)
_______________________________________________
dmarc-discuss mailing list
dmarc-discuss@dmarc.org
http://www.dmarc.org/mailman/listinfo/dmarc-discuss
NOTE: Participating in this list means you agree to the DMARC Note Well terms
(http://www.dmarc.org/note_well.html)
