On Sat, Jan 28, 2017 at 1:49 AM, Dave Warren via dmarc-discuss <dmarc-discuss@dmarc.org> wrote: > On Fri, Jan 27, 2017, at 04:23, Jim Popovitch via dmarc-discuss wrote: >> On Thu, Jan 26, 2017 at 11:13 PM, John Levine via dmarc-discuss >> <dmarc-discuss@dmarc.org> wrote: >> > I concur with Roland. Looking at my failure reports, I see some from >> > Hotmail and Linkedin and beyond that a few from Chinese and Russian >> > ISPs generally reporting random spam that happened to randomly fake my >> > domain. >> >> But what can you do about it? What is the "value" of having that >> information, and what is the "cost" of capturing it? > > To me, the value of these reports is pre-deployment, by carefully > reviewing the reports you can identify any legitimate sources of mail > which are not properly signed and aligned. > > As a company that currently has no employees beyond myself and only a > few hundred clients, I was able to find a couple legitimate sources of > mail coming from my own domain that had been previously overlooked.
I rolled out additional DMARC support for Mailman (outbound alignment) recently, and to be honest I'm not yet convinced that all receivers have a clue when verifying alignment... so it makes it much more difficult, for me, to trust the data. So... imho it's a waste of time/effort building an archive of suspect data until faith can be established in what is reported. Here's a few examples for the same email: Hotmail gets it right: http://domainmail.org/dmarc-reports/hotmail.com%21netcoolusers.org%211485698400%211485784800.xml ItaliaOnline gets it right: http://domainmail.org/dmarc-reports/italiaonline.it%21netcoolusers.org%211485778386%211485778386.xml VirginMedia gets it wrong: http://domainmail.org/dmarc-reports/virginmedia.co.uk%21netcoolusers.org%211485734404%211485820804.xml CSP-Net gets it wrong: http://domainmail.org/dmarc-reports/bechu-vir0001.csp-net.ch%21netcoolusers.org%211485730804%211485817204.xml So it's 50/50 for the same small sample of list traffic. Do I care, sure! If someone from Virgin Media or CSP-Net wants to explain the failures (or send me the RUFs that I already ask for) then I am all ears. Until then, I remain a skeptic. ;-) -Jim P. _______________________________________________ dmarc-discuss mailing list dmarc-discuss@dmarc.org http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)