On Jan 6, 2014, at 10:18 AM, John Sweet <[email protected]> wrote:
> Henry: just as an aside, we've also seen reports from this UK ISP, and this > technical college in the Phillippines: > > [email protected] > [email protected] > > IMHO it's not going to be feasable to whitelist every address that may send > you a report, as you recommend in, "Who will I get reports from?" It's better > to let the rua address accept all senders, then let automation handle it (dig > out the xml attachment, process it into db/reports, throw everything else > away). > Note, the spec recommends that these reports/email pass DMARC. So if you implement openDMARC on receiving, you should avoid some potential fake reports. I'm wondering from this list you have how many of these domains have published a DMARC record too. Note also, if you have set up a ruf=, you need to disable anti-spam/anti-virus for this mailbox, or you will not get "all" the failure reports.
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ dmarc-discuss mailing list [email protected] http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)
