| ▲ | ZeroConcerns 4 hours ago | |||||||||||||||||||||||||||||||
DMARC is a relatively recent addition to the email security space, and while it seems a bit superfluous at first, is actually quite useful! Sending and receiving the reports (which, should be noted, is entirely optional) might indeed be helped by a setup separate from the main mail handling workflow, as the 'best effort' nature and the fact that lots of systems sending DMARC reports have no business delivering mail for the sender domain in the first place are quite distinct. Both Microsoft and Google seem to do it just fine using their main infrastructure though, so there's that. And apart from (performing or hopefully kickstarting) troubleshooting of SPF and (especially) DKIM failures, going through the forensic reports (which not everyone sends, even if they do summaries, due to message privacy concerns) will definitely satisfy your 'WTF-quota' for the day, since you get to see some spoofed messages that are usually just blackholed, and some of those are truly bizarre... | ||||||||||||||||||||||||||||||||
| ▲ | bbarnett an hour ago | parent | next [-] | |||||||||||||||||||||||||||||||
Both Microsoft and Google seem to do it just fine I routinely get between 5 and 10 duplicates of DMARC reports from Google for gmail. Searching on this, it's a known phenomenon. No one else has this issue. I don't get dupes from outlook.com, hotmail, yahoo, etc, etc. But it's Google. Fairly typical for their modern quality control and engineering practices. I view them as a little like when Volkswagen stopped being run by engineers, and instead by accountants. | ||||||||||||||||||||||||||||||||
| ▲ | flowerthoughts 4 hours ago | parent | prev [-] | |||||||||||||||||||||||||||||||
I also don't see why the DMARC reporting would retry sending. If the receiver isn't receiving right away, surely it's okay to just drop that report to keep the queue small. | ||||||||||||||||||||||||||||||||
| ||||||||||||||||||||||||||||||||