Re: dmarc reports - action required?
Thank you both for clearifying this. Now I can relax and may find anything useful to do with these reports. Please have a nice weekend. Kind regards, Michael p.s. Sorry Paul, I pressed the wrong button. :/ Am 26.11.2021 um 19:44 schrieb Paul Pace: On 11/26/21 8:57 AM, Michael Taubert wrote: Hi everyone! Recently I've received some dmarc reports from various hosts like google, yahoo, and so on. Are these reports of any use or just information for me? I mean, is there any action required when I got reports of failed dkim or spf? All the addresses in these reports does not belong to my mail server. So I think they just use my domain in the header to spam around. Well, at least, they trying to. I feel a bit lost as I don't know what to do about these reports. Thanks in advance. Kind regards, Michael I would guess these are aggregate reports being sent because the DMARC TXT record instructs them to: $ dig +short txt _dmarc.arachnodroid.de "v=DMARC1;p=none;pct=100;rua=mailto:postmas...@arachnodroid.de;; The aggregate reports are sent based on a time period. From RFC 7489 7.2[1]: > Visibility comes in the form of daily (or more frequent) Mail Receiver-originated feedback reports that contain aggregate data on message streams relevant to the Domain Owner. This information includes data about messages that passed DMARC authentication as well as those that did not. Paul [1] https://datatracker.ietf.org/doc/html/rfc7489#section-7.2
Re: dmarc reports - action required?
On 11/26/21 8:57 AM, Michael Taubert wrote: Hi everyone! Recently I've received some dmarc reports from various hosts like google, yahoo, and so on. Are these reports of any use or just information for me? I mean, is there any action required when I got reports of failed dkim or spf? All the addresses in these reports does not belong to my mail server. So I think they just use my domain in the header to spam around. Well, at least, they trying to. I feel a bit lost as I don't know what to do about these reports. Thanks in advance. Kind regards, Michael I would guess these are aggregate reports being sent because the DMARC TXT record instructs them to: $ dig +short txt _dmarc.arachnodroid.de "v=DMARC1;p=none;pct=100;rua=mailto:postmas...@arachnodroid.de;; The aggregate reports are sent based on a time period. From RFC 7489 7.2[1]: >Visibility comes in the form of daily (or more frequent) Mail Receiver-originated feedback reports that contain aggregate data on message streams relevant to the Domain Owner. This information includes data about messages that passed DMARC authentication as well as those that did not. Paul [1] https://datatracker.ietf.org/doc/html/rfc7489#section-7.2
dmarc reports - action required?
Hi everyone! Recently I've received some dmarc reports from various hosts like google, yahoo, and so on. Are these reports of any use or just information for me? I mean, is there any action required when I got reports of failed dkim or spf? All the addresses in these reports does not belong to my mail server. So I think they just use my domain in the header to spam around. Well, at least, they trying to. I feel a bit lost as I don't know what to do about these reports. Thanks in advance. Kind regards, Michael
