[dmarc-discuss] Re-verifying external report destinations

Steven M Jones smj at crash.com
Mon Nov 11 02:22:42 PST 2019


This has been a bit of a problem, as non-verification of “ruf” addresses combined with people copying sample DMARC records in their deployments led to what I have to assume are violations of GDPR and several other privacy regimes.

I would hope people would see reporting address verification as an important mitigation of concerns about “ruf” reporting. My fear is that instead it makes the lawyers say “no” a few microseconds faster...

—Steve. 

Sent from my iPhone (if I’m lucky)





More information about the dmarc-discuss mailing list