SPF/DKIM/DMARC can help on the inbound side. You already know which hosts your own email originate from so you can block just based on that knowledge as well. As was pointed out, the display name is free form but you can set a rule to block if the email address in a display name doesn't match the email address in the From email address.
Michael Hammer On Tue, Aug 20, 2019 at 10:59 PM Blason R via dmarc-discuss < dmarc-discuss@dmarc.org> wrote: > Thanks a nice solutions and description however my questions was for DMARC > for incoming mails. > > On Tue, Aug 20, 2019 at 9:05 PM Pete Holzmann <webbed.p...@gmail.com> > wrote: > >> I realize this is a Very Late Response to Blason's query... (I've had >> serious medical challenges this year; "should" be dead yet here I am ;) ) >> >> I thought you might be encouraged by our experience. >> >> *Scenario:* >> - We have a Very Old Domain (ds.org) that's ONLY used for >> infrastructure. NOT web, and not even sending/receiving email ( >> u...@ds.org). Yet our email server is aster.ds.org >> - In spite of not sending any email, more and more we were being marked >> as spammers by various block lists. >> - If you think about it, we have a perfect honeypot for spam. ANY email >> to or from that domain is by definition invalid :) :) >> >> *Solution:* >> - I finally implemented SPF, DKIM and DMARC... >> - *WHAM!!! * Over a thousand spams a day (mostly from Asia) were being >> sent faking our domain as source. >> - Challenge #1: our DMARC report processor initially had to tweak a few >> things. We're honestly not a large volume emailer... yet they were >> processing quite a few records ;) >> - Challenge #2: we ended up implementing "non standard" subdomain >> wildcards due to a >> variety of fake subdomains being spoofed. >> >> *Result:* >> - We're no longer accused of being spammers >> - "Only" ~600 spams detected in the last *week* (by DMARC-capable >> servers) >> - All were trying to spoof our domain >> - Of those, ~500 were from *.nxdomain, the rest at least had a real IP >> entry. >> >> Blessings, >> Pete >> >> ------------------------------ >> >> On 9 Jan 2019 Blason R via dmarc-discuss said... >> >> Hi Edward, >> >> How do I make it work for Inbound if my MTA/AntiSpam does not support? >> Not sure if I understood your question correctly but would appreciate if >> you can shed some light on this? lets say I am on google apps. >> >> Google Apps I guess bydefault takes care of Incoming mail. But what if I >> am using third party MTA which does not support Inbound DMARC checks? Yes >> most of them do support SPF and DKIM validation but not DMARC I guess. >> >> Please correct me if I am wrong. >> >> Thanks and regards, >> Blason R >> >> On Wed, Jan 9, 2019 at 7:00 PM Edward Siewick via dmarc-discuss < >> dmarc-discuss@dmarc.org> wrote: >> >> > Blason, >> > >> > Actually, consider implementing testing (SPF, DKIM) and DMARC for >> > inbound. Since you've implemented for everybody else, why not put >> these to >> > use for your own organization? >> > >> > Edward S. >> > >> > >> > On 1/8/2019 10:26 PM, Blason R via dmarc-discuss wrote: >> > >> > Hi DMARC Team, >> > >> > What I understand is DMARC is very beneficial for the mails which >> are >> > being sent from my domain to third party. But can we stop the emails >> coming >> > at me pretending to be my own domain? My assumption again here is we >> can >> > not and need to have AntiSpam policy to block looking at SPF and >> DKIM? >> > >> > TIA >> > Thanks and Regards >> > Blason R >> > >> > _______________________________________________ >> > dmarc-discuss mailing >> listdmarc-discuss@dmarc.orghttp://www.dmarc.org/mailman/listinfo/dmarc >> -discuss >> > >> > NOTE: Participating in this list means you agree to the DMARC Note >> Well terms (http://www.dmarc.org/note_well.html) >> > >> > _______________________________________________ >> > dmarc-discuss mailing list >> > dmarc-discuss@dmarc.org >> > http://www.dmarc.org/mailman/listinfo/dmarc-discuss >> > >> > NOTE: Participating in this list means you agree to the DMARC Note >> Well >> > terms (http://www.dmarc.org/note_well.html) >> >> > _______________________________________________ > dmarc-discuss mailing list > dmarc-discuss@dmarc.org > http://www.dmarc.org/mailman/listinfo/dmarc-discuss > > NOTE: Participating in this list means you agree to the DMARC Note Well > terms (http://www.dmarc.org/note_well.html)
_______________________________________________ dmarc-discuss mailing list dmarc-discuss@dmarc.org http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)
