On Fri, Jun 13, 2025 at 10:11 PM Douglas Foster < [email protected]> wrote:
> A spammer might send millions of impersonation mails to thousands of > recipients. If that happens, the failure report receiver must be able to > handle the volume in the same manner as a denial of service attack. > Reporting to anything other than a specialized organization seems very > risky. > > DF > Other than having reports sent to a specialized organization, it is also possible to have the failure reports sent to a separate inbound mail server or pool of servers. This protects regular inbound (MX) processing from being overloaded. A further measure in such an event would be to temporarily send such mail straight to /dev/null. Michael Hammer
_______________________________________________ dmarc mailing list -- [email protected] To unsubscribe send an email to [email protected]
