Heho, This might be a bit of a theoretical attack thing, but looking over the bounces for my nightly outbound DMARC reports I actually started to wonder about this; (Mostly because I am getting scared by regularly sending DMARC reports to non -existing accounts on a major ESP ;-)).
Maybe I am overlooking/overthinking something here, but it would be nice to hear what others think about it, and whether they think that this is actually a problem needing a solution. Assumptions: - Many major ESPs track a sending mailer's reputation; If a host tries to throw in a lot of mail for non-existing users/domains, reputation goes down. - There are spam-traps out there with pretty much the same goal; see what flies in and, e.g., populate RBLs Setup: - I create _a lot_ of subdomains - MX (I just set it; not sanctioned by the ESP) for the subdomains is either a large ESP or a spam-trap. - Create a -all SPF record and a DMARC p=reject entry and a rua=mailto:p@<subdomain>, as well as the _report._dmarc record for each of these sub-domains Execution: - I generate a lot of mails (one From: per subdomain) towards a target (ESP, small setup) that sends DMARC reports - The target rejects my mails (spf -all) and sends a DMARC report; Based on the MX this goes to the ESP/spam-trap. - The spam-trap/ESP get a lot of 'unknown recipient/domain' mails from my target; They don't accept them, but take note for the senders' reputation. -> Sender reputation of the target goes down With best regards, Tobias _______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
