Looking at implementing DMARC for my institution. We currently have an SPF record and use DKIM to sign a small subset of messages. Rollout recommendations for DMARC suggest initially creating a "p=none" record to gather information on how a domain is being used. The RUA tag specifies a URI of where to send daily reports. Trying to get an idea of how many reports to expect a day or two after the dust settles. Does anyone use an aggregator to process their feedback (RUA tag) and/or forensic reports (RUF tag)? DMARC information. https://dmarc.org/ See slide 38 of 93 at http://www.slideshare.net/kka7/fighting-email-abuse-with-dmarc?qid=5e90be27-3fc0-41ed-9d71-253978cc6a12&v=default&b=&from_search=2 Everyone's first DMARC record V=DMARC1; p=none; rua=mailto:aggregate@example.com; Cheers! matthew black information technology services california state university, long beach
You have dmarcian, returnpath and agari to process reports. https://dmarcian.com/dmarc-status/ Will give you an idea who send aggregate reports. To state the obvious, they will send you a report only if you send them email. Allow 24 to 48 hours to get your first reports, if you don't get any, check your anti-spam filters and mail logs. On Wed, Jun 17, 2015 at 2:49 PM, Baldur Norddahl <baldur.norddahl@gmail.com> wrote:
We use dmarcian.com to process the reports.
Regards
Baldur
In article <ED78B1C68B84A14FA706D13A230D7B43699774D8@ITS-MAIL02.campus.ad.csulb.edu> you write:
Looking at implementing DMARC for my institution.
What problem do you expect this to solve? This is a real question, since you can be 100% sure that any DMARC policy will wreak havoc on any of your users who use mailing lists like this one. Academic institutions tend to have a lot of list users.
Trying to get an idea of how many reports to expect a day or two after the dust settles. Does anyone use an aggregator to process their feedback (RUA tag) and/or forensic reports (RUF tag)?
Aggregate reports, probably no more than 10 per day per domain. Failure reports, depends on how much traffic your users and people pretending to be your users send to China, since Netease in China and Linkedin are the only providers that sends them, with the vast majority from Netease. The aggregate reports are interesting, the failure reports are not. There are some scripts on the dmarc.org site I wrote that parse the reports and put the interesting bits into a mysql database. I doubt you'll need any more than that to see how much trouble a DMARC policy would cause. R's, John
What problem do you expect this to solve? This is a real question, since you can be 100% sure that any DMARC policy will wreak havoc on any of your users who use mailing lists like this one.
*Any* mailing list. Please help stamp out this abomination by refusing to capitulate to its insane desire to pretend the last three+ decades of email functionality never existed. --lyndon
participants (5)
-
Baldur Norddahl
-
Franck Martin
-
John Levine
-
Lyndon Nerenberg
-
Matthew Black