On 31/01/12 09:32, Oliver Howe wrote:
> Does anyone have any experience of using DMARC?
Nope.
> See http://dmarc.org/overview.html
Looks interesting.
> http://www.returnpath.net/blog/intheknow/2012/01/return-path-joins-with-gmail-aol-yahoo-and-microsoft-to-found-dmarc-org-to-help-safeguard-consumers-brands-and-isps-from-phishing/
> and http://returnpath.net/commercialsender/domainassurance/dmarc/
>
> It looks like it is some kind of DNS record that checks if a domain
> has SPF and DKIM. If so, I guess a filter could be added to my inbound
> SMTP servers so that messages are actioned according to the DMARC
> policy (quarentine, reject etc) returned by the sender domains DNS
> record.
My SPF record already states that *all* email from my domain must come
from a certain server, and the ADSP record for my domain already states
that *all* email from my domain must have a valid DKIM signature:
mike@alfa:~$ dig +short txt grepular.com
"v=spf1 include:spf.grepular.com -all"
mike@alfa:~$ dig +short txt _adsp._domainkey.grepular.com
"dkim=all"
mike@alfa:~$
--
Mike Cardwell https://grepular.com/ http://cardwellit.com/
OpenPGP Key 35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F
XMPP OTR Key 8924 B06A 7917 AAF3 DBB1 BF1B 295C 3C78 3EF1 46B4
