Re: [dmarc-discuss] [Ext] Re: [Ext] RE: [Ext] Re: Some DMARC adoption data

2022-02-11 Thread John R Levine via dmarc-discuss
Null MX doesn’t stop anyone from spoofing your domain to send email though. Yes, I know, I wrote the RFC about it. SPF, DMARC are tools that work together to protect your domain and your reputation. If SPF was the magic bullet then nothing else would be needed. The basic problem with SPF is

Re: [dmarc-discuss] [Ext] Re: [Ext] RE: [Ext] Re: Some DMARC adoption data

2022-02-11 Thread Chris Sweeney via dmarc-discuss
Null MX doesn’t stop anyone from spoofing your domain to send email though. SPF, DMARC are tools that work together to protect your domain and your reputation. If SPF was the magic bullet then nothing else would be needed. Get Outlook for iOS

Re: [dmarc-discuss] [Ext] RE: [Ext] Re: Some DMARC adoption data

2022-02-11 Thread John R Levine via dmarc-discuss
By that logic if you have SPF -all you don’t need anything else to protect your domain. Why even bother with DMARC at all? As I said, if you don't send any mail at all, a null MX is useful but I don't see much point to DMARC. It's not a magic bullet. I suppose there are systems that look

Re: [dmarc-discuss] [Ext] RE: [Ext] Re: Some DMARC adoption data

2022-02-11 Thread Chris Sweeney via dmarc-discuss
By that logic if you have SPF -all you don’t need anything else to protect your domain. Why even bother with DMARC at all? Get Outlook for iOS From: John R Levine Sent: Friday, February 11, 2022 7:54:55 PM To: Chris Sweeney ;

Re: [dmarc-discuss] [Ext] Re: Some DMARC adoption data

2022-02-11 Thread John R Levine via dmarc-discuss
That's the point though, even if you don't send email from a domain it should have a SPF and DMARC record to prevent someone from spoofing your domain. If you have SPF -all and a null MX, you shouldn't need a DMARC record. Regards, John Levine, jo...@taugh.com, Taughannock Networks,

Re: [dmarc-discuss] [Ext] Re: Some DMARC adoption data

2022-02-11 Thread Chris Sweeney via dmarc-discuss
That's the point though, even if you don't send email from a domain it should have a SPF and DMARC record to prevent someone from spoofing your domain. -Original Message- From: dmarc-discuss On Behalf Of John Levine via dmarc-discuss Sent: Friday, February 11, 2022 2:25 PM To:

Re: [dmarc-discuss] Some DMARC adoption data

2022-02-11 Thread Ahsan Khan via dmarc-discuss
Also to start with dmarc, you need to stop the leak on your outbound email flow . Spf with -all will show how clear the companies are when it comes to understanding who sends outbound emails using their servers. It’s an easy decision then to implement dmarc On Sat, 12 Feb 2022 at 12:58 AM, John

Re: [dmarc-discuss] Some DMARC adoption data

2022-02-11 Thread John Levine via dmarc-discuss
It appears that Alessandro Vesely via dmarc-discuss said: >Study on Domain Name System (DNS) abuse : technical report. Appendix 1, 2022 >https://data.europa.eu/doi/10.2759/473317 > >Chapter 17 of the Appendix (2nd link above) contains data on SPF and DMARC. > >The DMARC part says that 8,129,795

[dmarc-discuss] Some DMARC adoption data

2022-02-11 Thread Alessandro Vesely via dmarc-discuss
Hi all, The European Commission has published a comprehensive study on DNS abuse: Study on Domain Name System (DNS) abuse, 2022 https://data.europa.eu/doi/10.2759/616244 Study on Domain Name System (DNS) abuse : technical report. Appendix 1, 2022 https://data.europa.eu/doi/10.2759/473317