[dmarc-discuss] dmarc Newbie

Roland Turner roland at rolandturner.com
Sun May 12 22:57:30 PDT 2019


Hello,

The problem that DMARC solves over the SPF -all and ADSP discardable 
mechanisms is that it allows you to see where authentication failures 
are coming from (which IP addresses) so you can fix errors/oversights 
before you disrupt legitimate email flow. The recommended action is 
therefore to review the failures and ensure that they aren't:

  * your own flows, with SPF/DKIM misconfiguration; or
  * third-party flows sent legitimately on your organisation's behalf
    (outsourced marketing functions, transactional systems, ...) but
    without appropriate authentication (generally DKIM with a different
    selector(-pair))

before you turn on p=reject.

- Roland


------------------------------------------------------------------------


On 13/5/19 2:44 am, MyKonfidi Solar wrote:
> Hey
>
> Request you to suggest what exactly we are supposed to watch in th 
> dmarc reports.  I had been getting all these xml files, earlier, later 
> i tuned to https://dmarcanalyzer.com <https://www.dmarcanalyzer.com/>, 
> and now to https://mxtoolbox.com <https://mxtoolbox.com/>. nowehere i 
> am given to understand the action statement.
>
> regards
> Chetan Agrawal
> India
>
> On Fri, 10 May 2019 at 07:32, Roland Turner via dmarc-discuss 
> <dmarc-discuss at dmarc.org <mailto:dmarc-discuss at dmarc.org>> wrote:
>
>     Hi Andrew,
>
>     The first question is what you're seeing in the aggregate feedback
>     reports (Dmarcian, Agari, etc. provide the means to do this).
>     These should be watched for a period of time (I'd suggest weeks)
>     to ensure that all is well before you turn on p=reject. The most
>     important new capability that DMARC provides over previous
>     approaches is this ability to see what's happening in receiving
>     environments and to correct errors in your configuration (or your
>     understanding of how your domain is used) before you adopt a
>     stricter policy.
>
>     - Roland
>
>
>     On 10/5/19 1:55 am, Wojtowicz, Andrew via dmarc-discuss wrote:
>>
>>     I’m a newbie with dmarc.  I’ve been playing around with some
>>     generators and I thought I had it setup right but found out today
>>     one of my staff members sent out an notification email, that uses
>>     blackboard, and it didn’t go to all gmail and yahoo users.
>>
>>     Saw this message in log..
>>
>>     SMTP error from remote mail server after pipelined end of data:
>>     550-5.7.1 Unauthenticated email from /(My domain)/ is not
>>     accepted due to\n550-5.7.1 domain's DMARC policy. Please contact
>>     the administrator of\n550-5.7.1 /(My Domain)/ domain if this was
>>     a legitimate mail. Please visit\n550-5.7.1
>>     https://support.google.com/mail/answer/2451690
>>     <https://support.google.com/mail/answer/2451690> to learn about
>>     the\n550 5.7.1 DMARC initiative. z37si617489qvc.90 - gsmtp
>>
>>     Where can I get some help on setting up the correct dmarc dns
>>     setting?
>>
>>     Thank you
>>
>>     Andrew Wojtowicz
>>
>>     Network Engineer
>>
>>     Tenafly Public Schools
>>
>>     500 Tenafly Rd
>>
>>     Tenafly, NJ 07670
>>
>>     Work - (201) 816-4555
>>
>>     Cell – (201) 563-9661
>>
>>     Email - awojtowicz at tenafly.k12.nj.us
>>     <mailto:awojtowicz at tenafly.k12.nj.us>
>>
>>     shield logo (Custom) (2)
>>
>>
>>     /NOTICE: This email message, including any attachment(s), is for
>>     the sole use of the intended recipient and may contain
>>     confidential and privileged information. Any unauthorized review,
>>     use, disclosure or distribution is prohibited. If you are not the
>>     intended recipient, please contact the sender by reply email and
>>     destroy all copies of the original message. /
>>
>>     _______________________________________________
>>     dmarc-discuss mailing list
>>     dmarc-discuss at dmarc.org  <mailto:dmarc-discuss at dmarc.org>
>>     http://www.dmarc.org/mailman/listinfo/dmarc-discuss
>>
>>     NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)
>
>
>     _______________________________________________
>     dmarc-discuss mailing list
>     dmarc-discuss at dmarc.org <mailto:dmarc-discuss at dmarc.org>
>     http://www.dmarc.org/mailman/listinfo/dmarc-discuss
>
>     NOTE: Participating in this list means you agree to the DMARC Note
>     Well terms (http://www.dmarc.org/note_well.html)
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://dmarc.org/pipermail/dmarc-discuss/attachments/20190513/8e0c74d0/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image003.jpg
Type: image/jpeg
Size: 1672 bytes
Desc: not available
URL: <http://dmarc.org/pipermail/dmarc-discuss/attachments/20190513/8e0c74d0/attachment.jpg>


More information about the dmarc-discuss mailing list