>This means DMARC can't be treated as a way to combat spam, ... Right, it's not an anti-spam tool, it's an anti-phishing tool.
For domains that send all of their mail from a known set of places and that are subject to impersonation, DMARC can be a useful tool to tell the real mail from the fake. The number of of those domains is relatively small, but since the tend to send a lot of mail and to be well known, DMARC can likely make a difference for famous phish targets like Paypal, American Greetings, and lots of well known banks and government agencies. For domains with real users who do the usual range of things that users do (mailing lists, forward to and send from gmail and Yahoo, newspaper mail-to-a-friend, etc.) the policy part of DMARC is not useful, although if you publish a DMARC record that asks for statistics reports, those reports can be quite interesting. That's what I do. >When a message has non-existent/invalid/etc domain in From, should it be >treated as failed the DMARC test, or DMARC is not applicable here? It's not applicable. In practice, the tiny amount of mail I see with no From: header tends to be from broken notification daemons, not spam or phishes. -- Regards, John Levine, jo...@iecc.com, Primary Perpetrator of "The Internet for Dummies", Please consider the environment before reading this e-mail. http://jl.ly _______________________________________________ dmarc-discuss mailing list dmarc-discuss@dmarc.org http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)
