Yeah thats my fault I was experimenting with quarantine the last few days and proved that it was not the right policy for me.
I set it to none several hours ago but I guess gmail caches it. Check the header to see if it lists a dmarc fail with quarantine. It has been an interesting reading all the discussion emails, RFCs, websites to get my head around DMARC policy choices. In the end I decided a positive feedback only approach was what I wanted for my emails. Basically SPF with include:... ?all so that I say if it comes from my IP it is me, otherwise don't assume anything. DKIM with an ASPF unknown so that I say if it is signed OK it comes from me, otherwise don't assume anything. DMARC with none so that I say if my alignment is OK it comes from me, otherwise don't assume anything. So overall if my email passes something you can be reasonably sure it is me, if all three pass well I can guarantee it is me, otherwise I could be spam (or not) so just judge me on your normal merits of spamminess (and hopefully I don't look spammy). I also implement full chain DNSSEC as well so I am not vulnerable to people poisoning MTA's DNS caches with fake SPF/DKIM/DMARC records in an attempt to fool DMARC. I also use two-factor authentication on my email account and a strong password, anti-virus, no Java/Adobe, up-to-date patched browser and OS. As far as I can see the only way to pass off as me and pass on all three tests is to compromise my browser with a zero-day exploit to send the email which means you either really hate me or you are the NSA. Thanks, Leith Bade [email protected] On 15 August 2013 13:15, Andy Wilson <[email protected]> wrote: > Interesting enough Leith, the very email I'm replying to was put into my > gmail spam.. > Every few days I find dmarc list mail in my spam folder due to > quarantine/reject policies. Franck's emails always seem to get through > though despite LinkedIn's reject policy.. > > > On 15 August 2013 14:47, Leith Bade <[email protected]> wrote: > >> Just noticed this entire thread was sent to spam on my Google Apps >> account. >> >> Now analyzing the headers, Google detects agari.com with a DMARC failure >> and a policy of none, so should have stuck at least this first email in my >> Inbox (SPF/DKIM passes). >> >> The second two replies from tnpi.net and linkedin.com are both marked as >> DMARC failure but with a policy of reject - so I would have expected those >> emails to go to spam. >> >> However all three emails went to spam (in the same Gmail thread) >> including the agari.com email. >> >> I am speculating that the first email may have landed in my Inbox, but >> the second two emails went to spam, magically tagging the entire thread as >> spam. Of course I was not looking at the Inbox during this time so Google >> would have been able to reclassify the emails without bothering me. (I >> assume the Gmail can do Houdini tricks to spam that makes it past there >> filters and is then reported by other people etc.) >> >> I'm sure the Googlers are watching so they will know what actually >> happened. Perhaps a tweak is that if the first email in a thread (or other >> emails in that thread) that make it through as not spam should tag the >> mailing list replies that fail DMARC as suitable subjects for a mailing >> list policy override. >> >> Thanks, >> Leith Bade >> [email protected] >> >> >> On 15 August 2013 09:34, Tomki Camp <[email protected]> wrote: >> >>> Hello DMARC reporting implementors, >>> I've come across an interesting tidbit I wanted to ping you on : the >>> DMARC spec allows that a domain may publish a URI such as ' >>> [email protected]!20m', to specify that the address will only payloads of >>> up to 20 megabytes. Does your implementation support this? >>> >>> Section 5.1: >>> https://datatracker.ietf.org/doc/draft-kucherawy-dmarc-base/?include_text=1 >>> >>> >>> Thanks! >>> *Tomki Camp, Agari Director of Support* >>> [email protected] l M: 415.779.2854 l www.agari.com >>> *Learn who is most vulnerable to cybercrime in **the Agari Q2 TrustIndex >>> here <http://info.agari.com/agari-email-trust-index-q2-2013>* >>> *Sign up for our webinar **8 Steps to DMARC >>> **here*<http://info.agari.com/agari-weekly-webinar-sign-up> >>> >>> _______________________________________________ >>> dmarc-discuss mailing list >>> [email protected] >>> http://www.dmarc.org/mailman/listinfo/dmarc-discuss >>> >>> NOTE: Participating in this list means you agree to the DMARC Note Well >>> terms (http://www.dmarc.org/note_well.html) >>> >>> >> >> _______________________________________________ >> dmarc-discuss mailing list >> [email protected] >> http://www.dmarc.org/mailman/listinfo/dmarc-discuss >> >> NOTE: Participating in this list means you agree to the DMARC Note Well >> terms (http://www.dmarc.org/note_well.html) >> >> > > > -- > Regards > > Andy >
_______________________________________________ dmarc-discuss mailing list [email protected] http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)
