> -----Original Message----- > From: [email protected] [mailto:dmarc-discuss- > [email protected]] On Behalf Of J. Trent Adams > Sent: Monday, April 29, 2013 2:21 PM > To: [email protected] > Subject: Re: [dmarc-discuss] Google doesn't support ruf= > > > Just to speak in favor of the utility of RUF reports... companies that are a > significant target of phishing attacks find the real-time failure reports > (specifically of their transactional mail) highly useful, especially in > conjunction > with an active enforcement department. Those who are sending RUF today > should be thanked for their willingness to help quickly identify and deal with > fraudulent mail. > > So, RUF may not be for everyone (e.g. if you can't really do anything with the > firehose of failure messages, you probably want to avoid it), but those who > can use the information very much appreciate it. I hope that more receivers > will find a way to support it. > > - Trent >
I agree with Trent that RUF reports are extremely useful for abused domains because of both the information contained and the real time aspect of the reporting. One of the reasons that I have heard given for not supporting RUF reporting is the lack of clarity in terms of privacy regimes/regulations and the provision of this information to 3rd parties. It would be nice to see one or more jurisdictions providing clarity and recognizing that DMARC and RUF reports are useful tools in combating abuse and that there are ways of implementing an organizations mail streams to minimize the privacy issues. Mike _______________________________________________ dmarc-discuss mailing list [email protected] http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)
