Re: [dmarc-discuss] DMARC is not working
On 23/11/18 4:01 pm, Dpto Ciberseguridad via dmarc-discuss wrote: "v=DMARC1;p=reject;ruc=mailto:dmarc@x; It worked fine till last month when testing emails, we saw it was not rejecting unauthorized emails. Note that setting p=reject does not mean that receivers will reject messages from the domain that don't meet DMARC rules, it only means that you're requesting that receivers do so. Reasons for not doing so include: * Not believing that the domain registrant is competent (e.g. because you've published an invalid record) * Not believing that all non-complying messages are invalid, perhaps on the basis of local information. * Deciding to accept-and-discard instead of reject in order to avoid a specific failure mode with mailing lists and rejections. Per Steven's comment, if you've not been studying (indeed, receiving) aggregate reports, there is a good chance that receivers can see legitimate email that you're unaware of and are therefore ignoring your request. - Roland ___ dmarc-discuss mailing list dmarc-discuss@dmarc.org http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)
Re: [dmarc-discuss] DMARC is not working
On 11/23/2018 00:01, Dpto Ciberseguridad via dmarc-discuss wrote: Hello, Last year we configured DMARC registry for another company with something like this "v=DMARC1;p=reject;ruc=mailto:dmarc@x; It worked fine till last month when testing emails, we saw it was not rejecting unauthorized emails. "ruc" is not a valid tag in a DMARC policy record. Did you mean "rua" ? Looking for information in Internet, some DMARC testers did not pass ruc syntaxis so we only changed ruc to ruf; but the problem is still present. "rua" and "ruf" only determine where reports are sent, provided the receiver sends the corresponding type of report. They do not normally have anything to do with enforcement, unless perhaps a receiver decides that the record is invalid and therefore ignores it completely. But you say receivers were rejecting invalid messages previously... If you weren't receiving aggregate reports ("rua"), how certain are you that the invalid messages were rejected due to your DMARC policy? --S. ___ dmarc-discuss mailing list dmarc-discuss@dmarc.org http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)
[dmarc-discuss] DMARC is not working
Hello, Last year we configured DMARC registry for another company with something like this "v=DMARC1;p=reject;ruc=mailto:dmarc@x; It worked fine till last month when testing emails, we saw it was not rejecting unauthorized emails. Looking for information in Internet, some DMARC testers did not pass ruc syntaxis so we only changed ruc to ruf; but the problem is still present. Any idea? Many thanks ___ dmarc-discuss mailing list dmarc-discuss@dmarc.org http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)