This has been a bit of a problem, as non-verification of “ruf” addresses combined with people copying sample DMARC records in their deployments led to what I have to assume are violations of GDPR and several other privacy regimes.
I would hope people would see reporting address verification as an important mitigation of concerns about “ruf” reporting. My fear is that instead it makes the lawyers say “no” a few microseconds faster... —Steve. Sent from my iPhone (if I’m lucky) _______________________________________________ dmarc-discuss mailing list dmarc-discuss@dmarc.org http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)