On Fri, Aug 14, 2020 at 7:31 AM Dotzero <dotz...@gmail.com> wrote: > > I've been involved in setting up DMARC with a policy of p=reject for > somewhere North of 6,000 domains. As a sending domain, the heavy lifting is > in getting buy-in across the organization that it is a worthwhile effort, > getting control of your organization's mail flows and ensuring policies and > procedures are communicated and followed. For complex environments there > may need to be some automation required for creating and maintaining > private/public key pairs and DNS records but that is much more > straightforward than the aforementioned heavy lifting. >
Also note that said "heavy lifting" is not a one time expenditure of effort. Having hoisted the weight bar above your head, it requires organizational will and ongoing knowledge to stick to the higher bar week in and week out. Entropy is never your friend in an organizational security context. Neither are acquisitions :-) --Kurt
_______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
