Hi, Let's say I have domain example.com with SPF, DKIM and DMARC records. I've put an A record in there to point foo.bar.example.com at someone else's IP address.
Probably some cron job or other automated task on that host has sent an email from usern...@foo.bar.example.com that has ended up at gmail. gmail have sent me an aggregated DMARC report that includes SPF and DMARC failures for that mail. I did not expect that such email from foo.bar.example.com would consult the DMARC record for the parent example.com. Is this expected? Does DMARC use the Public Prefix List or something to determine that foo.bar.example.com is under the same administrative control as example.com, and in the absence of _domainkey.foo.bar.example.com will look for _domainkey.example.com? Amnd perhaps even _domainkey.bar.example.com? Thanks, Andy PS I don't care about making it work, and the host name is just a convenience for someone else. I'd rather not set or be responsible for DMARC policy for it at all. The desired SPF, DKIM and DMARC records for the example.com here were intended to be for a domain that doesn't send any email at all. -- https://bitfolk.com/ -- No-nonsense VPS hosting _______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop