[dmarc-discuss] How to handle temporary dns failure?

pandalove pandalove at 126.com
Mon Jun 11 22:29:33 PDT 2012

Hi folks,

These are mails who are DKIM aligned and SPF not aligned naturally(such as newsletters ESPs using envelope sender domain different from header from domain, providing no SPF aligned identifier), if the mail receiver gets temporary dns failure when requesting DKIM selector, this email will fail DKIM verification and provide no DKIM aligned identifier.

In this case, such emails will fail the whole DAMRC mechanisms. If their "p=" tag is not "none", these emails will be rejected or quarantined. At least, a forensic report will be sent.

Considering people may use different DNS domains for DKIM selector and DMARC record, so the mail receiver can query DMARC record successfully, but DKIM selector DNS request can solely fail .

That is, once their DKIM selector DNS temporarily failed, their mails can not be delivered normally due to DMARC failure.

Anyone want to share his opinion about such a situation?


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://medusa.blackops.org/pipermail/dmarc-discuss/attachments/20120612/041bad74/attachment-0001.htm>

More information about the dmarc-discuss mailing list