On 01/27/2017 04:23 AM, Jim Popovitch via dmarc-discuss wrote: > > I can appreciate that folks do that, and that's awesome. For me and > my systems that just seems like unnecessary overkill.
Ultimately that's a decision each domain owner/operator has to make for themselves. But I would hope that, like you, they've first gone through deployment of DKIM and SPF and checked the DMARC reporting to see what's going on. And even if they don't see many fraudulent messages and/or aren't overly concerned about it, I would recommend setting something up to monitor the reports and summarize or set an alert driven by changes/increases in authentication failures. This way if something goes wrong in a legit sending setup (ESP, etc), or if a bad actor does start abusing their domain, they'll find out about it in short order. --Steve. _______________________________________________ dmarc-discuss mailing list dmarc-discuss@dmarc.org http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)
