On Mar 29, 2013, at 10:29 AM, Franck Martin <[email protected]> wrote:
> > > On 3/29/13 10:18 AM, "Steve Atkins" <[email protected]> wrote: > >> >> On Mar 29, 2013, at 10:01 AM, Franck Martin <[email protected]> wrote: >> >>> I'd like to point to two DMARC records: >>> http://www.dmarcian.com/dmarc-inspector/google.com >>> http://www.dmarcian.com/dmarc-inspector/linkedin.com >>> >>> These are domains with humans behind the domain. So it can be done, it >>> is >>> not too hard, but it is not mainstream (yet)(the spec is only one year >>> old!) and as Mike points out, do it only if you have a phishing problem. >> >> How does that work for, for example, the mail I'm replying to? >> >> It was DKIM signed with d=linkedin.com, but the body hash has changed >> since it was signed, so it presumably fails DKIM. I'm guessing >> blackops.org >> isn't in linkedins SPF record. >> >> I'm not checking DMARC, but wouldn't this mail be rejected according to >> your DMARC policy if I were? (I'd presume not, or you wouldn't have set >> things up this way, but what am I missing?) >> > > http://www.dmarc.org/faq.html#r_2 > http://www.dmarc.org/faq.html#s_3 > https://code.launchpad.net/~mlm-author/mailman/2.1-author > > Don't forget as a receiver you can always overwrite the DMARC disposition > for stuff you strongly care about. I think that means that if I had implemented DMARC checking then, yes, I would have rejected your mail? Cheers, Steve _______________________________________________ dmarc-discuss mailing list [email protected] http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)
