[dmarc-discuss] On Inbound DMARC Support

John Levine johnl at taugh.com
Thu Jun 19 18:58:03 PDT 2014

> Same-domain phishing is highly effective, so anything that addresses it is a prudent
>control to deploy.

Yes, I believe it.

> Thus, inbound DMARC filtering is desirable for corporate infrastructure.

No, for this threat it's irrelevant.

Surely we don't have to explain why you don't need DMARC to implement
a policy about mail from your own domains on your own servers.  You
just do it.  Someone at Cisco told me they were doing inbound phish
filtering almost a decade ago with IIM, one of the predecessors to


More information about the dmarc-discuss mailing list