[dmarc-discuss] How does *this* mailing list interact with dmarc?

Al Iverson aiverson at spamresource.com
Wed Jun 20 10:50:14 PDT 2012


On Wed, Jun 20, 2012 at 12:29 PM, Elizabeth Zwicky <zwicky at yahoo-inc.com> wrote:
>
> Don't use quarantine or reject policies on domains that contain real users; use them on transactional domains.
> Mailing lists and forwarding  are both heavily used by real people and will break DMARC.

That potentially leaves a hole in an anti-phishing/protection
strategy, though, doesn't it?
If you put a DMARC policy on yahoo.com but not on yahoo-inc.com, it
feels like that the bad guys will just phish with the latter domain
instead of the former, leaving a protection gap. I'd love to hear your
take on why this is or isn't a concern and how people ought to handle
this potential case.

Cheers,
Al Iverson



More information about the dmarc-discuss mailing list