Questions tagged [dmarc]
DMARC (Domain-based Message Authentication, Reporting and Conformance) is an email authentication protocol. It is designed to give email domain owners the ability to protect their domain from unauthorized use, commonly known as email spoofing.
67
questions
1
vote
1
answer
473
views
Is it bad to use DKIM DNS without signing mails?
Does it provide any trust at all to have DKIM set up correctly in my DNS but not sign any emails? I could not find any information about that.
Now, if I send an email to a domain/server with DMARC ...
1
vote
1
answer
975
views
DMARC and SPF are setup for my non-www domain but doesn't work for www
My website is up and running on www.example.com and I am sending automated emails from my email address [email protected]. DMARC and SPF seem to setup accordingly:
_dmarc : v=DMARC1;p=none;pct=100;...
0
votes
1
answer
1k
views
How should I configure DMARC (or DKIM?) to deal with OWA forwarding changing email bodies?
For my own domain (mydomain.com, hosted with a free G Suite), I have setup DMARC in testing mode:
v=DMARC1; p=none; sp=reject; aspf=s; adkim=s; rua=mailto:[email protected]
I have sent out test ...
1
vote
1
answer
576
views
What is the SPF domain value based on in DMARC aggregate reports?
As I'm reading DMARC aggregate reports, I've come across a few records that have <auth_results><spf><domain> values that don't match the envelope from, header from, or source IP ...
1
vote
1
answer
495
views
How to disable email for a subdomain without using SPF
I am working on a tool that checks SPF records, and would like a way to be able to disable email from a testing subdomain, and its children, so that my test domains are not easy targets for spammers ...
3
votes
1
answer
2k
views
How to set header.from?
A client recently received an email that was spoofed in a way that I'd never seen before. The following are the anonymised, relevant details from the email's headers:
authentication-results: spf=none ...
1
vote
1
answer
322
views
Where can I find sample DMARC failure reports? [closed]
I want to automate ingestion of DMARC failure reports, both aggregate and forensic. Unfortunately, I don't have a mailbox set up to collect them yet. Does anyone know where I can find sample DMARC ...
2
votes
2
answers
2k
views
DMARC none policy overwrites local policy
DMARC is used to tell receivers of e-mail what to do if SPF or DKIM fails in mails send from your domain. As far as I know this pretty much sums up DMARC, if this is not correct please correct me.
My ...
3
votes
2
answers
2k
views
DMARC policy result when exactly one of SPF and DKIM fails and exactly one succeeds
E-mail forwarding can break SPF, but it should not break DKIM. I want to make a DMARC policy that will evaluate to "pass" when either DKIM or SPF passes, and "fail" when neither ...
3
votes
1
answer
1k
views
Understand DMARC report before starting quarantine
I work for a small company. We have lot of IP black listed because of spamming.
We decided to setup dmarc for our mail server. This has been setup and is working correctly.
The issue now is that in ...
5
votes
1
answer
835
views
Why set up DMARC for SPF if it's already set up for DKIM?
I have SPF and DKIM. I'm planning on adding DMARC to tell receivers to expect SPF and/or DKIM. I've read that it's best to set DMARC up with both SPF and DKIM, but I don't understand exactly when ...
3
votes
1
answer
7k
views
Dmarc: Why do I have dkim=fail, spf=fail and result=pass
I have set up my company dmarc. It is in test mode and I regularly receive reports. Some seem weird to me and I would like to understand. For example, I have received a report with SPF and dkim failed,...
3
votes
1
answer
2k
views
How to read dmarc record for a report?
I have a dmarc file containing some record. I am bit surprised by the result and I would like to make sure I am reading it correctly.
Here is the record:
<record>
<row>
&...
0
votes
1
answer
153
views
Why is DKIM configuration testing not working the same for every test site?
basically, I have setup spk, dkim and dmarc for mail authentication. For this, I used this tuto. All worked correctly and I got this result:
seems like everything OK.
Now to confirm everything is ...
1
vote
1
answer
265
views
How to test dmarc in a closed environment?
I would like to setup email authentication for my company Exchange server. Since this is production I don't want to break something. I want to test this first in virtual machines and when I am sure it ...