[dmarc-discuss] Re-verifying external report destinations

Ken O'Driscoll ken at wemonitoremail.com
Fri Nov 8 09:03:00 PST 2019

Quick question:

Is is common for providers to re-verify external report email addresses
from time to time?

I ask because a few months ago we did a clean-up and deleted a few
authorisation TXTs for former clients who still had our report email
address configured in their record.

I've just noticed that some providers, including a few large ones (Google,
LinkedIn and Rackspace) are still sending DMARC reports for some domains
despite the lack of corresponding verifying records for several months.

Is what I'm seeing normal behaviour?

And if the answer is yes, is rejecting the messages what others do when
faced with an uncooperative former client?



More information about the dmarc-discuss mailing list