Thanks Olga and Roland... using tcpdump is feasible for me, but I wonder how larger senders deal with this kind of issue. I would think from a privacy perspective its better for a domain's administrators to examine just emails that failed validation, rather than capturing all output and checking every single email sent.
Besides, people should be using an end-to-end encryption solution like S/MIME or OpenPGP if they don't want admins to be able to see their emails, so forensic reports would not reveal anything more than is visible anyway, such as headers. Regards, Raman On Mon 26 Nov 2012 10:50:14 AM EST, Olga Gavrylyako wrote: > Hi Raman, > In Google for different privacy issues we made a decision not to send > forensic reports. > > Olga > > On Thu, Nov 22, 2012 at 5:00 PM, Raman Gupta <[email protected]> wrote: >> Anyone from Google on this list that we can prod to start sending >> forensic reports? :) >> >> On Thu 22 Nov 2012 07:55:01 PM EST, Franck Martin wrote: >>> Only forensic reports would help you. I see you have a ruf, but not >>> everyone sends forensic reports. >>> >>> On 11/22/12 4:46 PM, "Raman Gupta" <[email protected]> wrote: >>> >>>> At least the contact form is not relevant here, as it sends via >>>> postfix. However, there may very well be some other program or script >>>> sending emails directly that I am not aware of. Which brings me back >>>> to the original question: I don't see any meta-data in the report that >>>> would help me to determine what that is. >>>> >>>> Regards, >>>> Raman >>>> >>>> On 11/22/2012 07:06 PM, Franck Martin wrote: >>>>> You are sure you are not running on that server a script that would send >>>>> emails directly, without passing via postfix? >>>>> >>>>> I see the website has a contact form, sometimes web servers tries to be >>>>> too smart: http://vivosys.com/contact >>>>> >>>>> On 11/22/12 2:44 PM, "Raman Gupta" <[email protected]> wrote: >>>>> >>>>>> First of all, DMARC is very cool. Thanks to all involved in conceiving >>>>>> it and setting it up. >>>>>> >>>>>> I've set up DKIM with DMARC feedback for several domains I manage. >>>>>> >>>>>> I thought everything was working fine, but I have started receiving >>>>>> DMARC feedback reports showing that some emails are failing the DKIM >>>>>> check. Here is an actual report: >>>>>> >>>>> >>> >> >> >> _______________________________________________ >> dmarc-discuss mailing list >> [email protected] >> http://www.dmarc.org/mailman/listinfo/dmarc-discuss >> >> NOTE: Participating in this list means you agree to the DMARC Note Well >> terms (http://www.dmarc.org/note_well.html) _______________________________________________ dmarc-discuss mailing list [email protected] http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)
