The DMARC evaluator queries for a specific domain name every time; the * is
notation used to tell the DNS server what queries to answer. The DMARC
documentation doesn't talk about where you can put * because DMARC never sees
or uses the *, it's all in what your DNS server does.
Elizabeth
On
The DMARC on the mailing list passes when it reaches me -- it appears that
something in the path between you and dmarc.org is the problem with breaking
the DKIM signature.
Since it's dmarc.org's DKIM signature, it's put on after all the mailing list
handling, so I'm not sure why anybody thinks
Those headers cannot all be true. If the SPF pass is right, then the DMARC fail
is wrong. Look at fixing the DMARC calculation, not your calculations.
Elizabeth
On Monday, October 3, 2016, 4:59:53 AM PDT, DurgaPrasad - DatasoftComnet via
dmarc-discuss wrote:#yiv4358277168 #yiv4358277168 --
_fil
do one to make it a relevant one. It just
says "The DKIM identifier evaluated and the DKIM result, if any".
Elizabeth
On Sunday, July 10, 2016 2:27 PM, Juri Haberland via dmarc-discuss
wrote:
On 07.07.2016 18:53, Elizabeth Zwicky via dmarc-discuss wrote:
>
> I meant t
I meant to say that the spec is unclear about what you do about **reporting**
multiple DKIM results. It's perfectly clear on how to evaluate them.
Elizabeth
On Thursday, July 7, 2016 9:32 AM, Elizabeth Zwicky via dmarc-discuss
wrote:
SPF can pass without being a relevant pas
SPF can pass without being a relevant pass for DMARC; DMARC requires it not
only to pass but also to align with From:. As Alessandro pointed out, your
DMARC record specifically prevents a lists.openlib.org SPF pass from being an
openlib.org DMARC SPF pass.
And yes, it's entirely possible for a
Previous ways of adapting to DMARC involved changing mailing list semantics;
ARC doesn't. That's a theoretical reason to believe it may get adoption where
other things didn't. The practical one is that there are mailing list systems
working on code, and mailing list operators I've spoken too a
DMARC doesn't say anything at all about Reply-to; it only covers the From:
line.So if AOL is enforcing a restriction based on Reply-to, it isn't doing so
based on DMARC.
Requiring Reply-to domain to match or relate to From: is a nice further
protection, particularly for non-DMARC domains, but n
Use DKIM if you want to maximize passes. Forwarding occurs in many places, and
SPF can never survive forwarding.
Elizabeth
On Tuesday, May 24, 2016 9:51 AM, Carlos P via dmarc-discuss
wrote:
Hi,
I am having trouble trying to diagnose why some mails are being reported.
Attached is an
If you're having trouble with Yahoo's DMARC implementation, let me know. We
should be following DNS without issues -- note that DNS propagation times and
DMARC reporting cycles often mean this is frustratingly slow. DMARC makes no
promises about whether reports will be sent to the address in p
In one version you also havedkim=pass (1024-bit key; unprotected)
header.d=amazon.de
header.i=@marketplace.amazon.de header.b=AOE4Rr31
which is an aligned pass because marketplace.amazon.de inherits amazon.de's
record which doesn't specify strictness of alignment and therefore defaults to
rela
Yes, we intend to drop Content-Length.
Elizabeth Zwicky
From: Scott Kitterman via dmarc-discuss
To: dmarc-discuss
Sent: Monday, October 6, 2014 11:01 AM
Subject: [dmarc-discuss] Yahoo! DKIM Signing Practices Produce Fragile
Signatures
With obvious implications for DMARC failures.
Google has always overridden DMARC for some mailing lists, a usage which is
explicitly allowed in the DMARC spec. I for one don't find it surprising
that
they added ietf.org -- and presumably some other lists -- to the set of
mailing
lists they do that for after there was worldwide press coverage
13 matches
Mail list logo