[dmarc-discuss] A bit confused on the utility of a DNS record for DMARC external validation

DMARC dmarc at leadershipbynumbers.com
Tue Feb 20 11:24:39 PST 2018


Before I ask the question, I'd like to set the context of what the question
is *not *about: it is not about how to create or manage DMARC external
validation from one domain (e.g., FritoLay.com) for the domain that
receives the FritoLay aggregate reports (e.g., PepsiCola.com). The
mechanism for configuring DMARC external validation between two domains is
understandable, I've done it and it works.

QUESTION ONE: How is it possible for me to continue to receive aggregate
reports from domains that have no DMARC external validation for the
receiving domain ?

I have to give a little anonymity here about the actual domains, apologies.

Ok, so I have two domains both are primary (one.com; two.com) and the
one.com DMARC defines the rua address as dmarc at two.com. There is no DMARC
external validation that permits one.com DMARC reports to be sent to
dmarc at two.com. If I examine the DMARC for one.com with MXToolBox.com, it
correctly identifies the
error with a description: " External Domains in your DMARC are not giving
permission for your reports to be sent to them."

QUESTION TWO: Is it possible that some receiving MTA's will ignore the lack
of  DMARC external validation and just send aggregate reports to any rua
address ?

DMARC-Jack
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://dmarc.org/pipermail/dmarc-discuss/attachments/20180220/95c3e0b6/attachment.html>


More information about the dmarc-discuss mailing list