In article <6a56a3831dd4651e0d7610ee0c90f50749a7203b.ca...@aegee.org> you write: >How can a domain owner communicate, that its users agree to have >investigations on forensic reports, where DKIM >signatures failed (fot the purpose of avoiding repeating errors in DKIM >signing/validation)? In particular, that there >is no expectation of the users that a deleted message is erased and that the >domain owner, DNS staff and email staff >function good as whole?
I suppose they could try to put it in the terms of service, but I wouldn't begin to guess whether that would be enforcable or even legal in places with the GDPR and other privacy laws. More to the point, I wouldn't bother. The failure reports are almost entirely useless. Of the ones I get, the majority are random Chinese spam that happened to forge one of my domains on the From line, the rest are from mailing lists where I wouldn't expect DMARC to pass. R's, John _______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
