On 3/29/13 10:37 AM, "Steve Atkins" <[email protected]> wrote:
> >On Mar 29, 2013, at 10:29 AM, Franck Martin <[email protected]> wrote: > >> >> >> On 3/29/13 10:18 AM, "Steve Atkins" <[email protected]> wrote: >> >>> >>> On Mar 29, 2013, at 10:01 AM, Franck Martin <[email protected]> >>>wrote: >>> >>>> I'd like to point to two DMARC records: >>>> http://www.dmarcian.com/dmarc-inspector/google.com >>>> http://www.dmarcian.com/dmarc-inspector/linkedin.com >>>> >>>> These are domains with humans behind the domain. So it can be done, it >>>> is >>>> not too hard, but it is not mainstream (yet)(the spec is only one year >>>> old!) and as Mike points out, do it only if you have a phishing >>>>problem. >>> >>> How does that work for, for example, the mail I'm replying to? >>> >>> It was DKIM signed with d=linkedin.com, but the body hash has changed >>> since it was signed, so it presumably fails DKIM. I'm guessing >>> blackops.org >>> isn't in linkedins SPF record. >>> >>> I'm not checking DMARC, but wouldn't this mail be rejected according to >>> your DMARC policy if I were? (I'd presume not, or you wouldn't have set >>> things up this way, but what am I missing?) >>> >> >> http://www.dmarc.org/faq.html#r_2 >> http://www.dmarc.org/faq.html#s_3 >> https://code.launchpad.net/~mlm-author/mailman/2.1-author >> >> Don't forget as a receiver you can always overwrite the DMARC >>disposition >> for stuff you strongly care about. > >I think that means that if I had implemented DMARC checking then, yes, I >would have rejected your mail? > Don't forget as a receiver you can always overwrite the DMARC disposition for stuff you strongly care about and it is specified in the spec on how to do that. _______________________________________________ dmarc-discuss mailing list [email protected] http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)
