Thanks for the link, Franck. To be clear, the experiment in question isn't focused on the method(s) used for receiving, collating, and perhaps further passing along DMARC aggregate reports, although any tools that can help in this regard are doubtless useful. What we're trying to learn from this experiment is essentially whether or not an abuse desk will take action when presented with an aggregate report, especially if that report is coming from a third party.
Here's an example... - $BRAND authenticates its outbound mail and publishes a DMARC policy. - $BRAND is a target of a spoof attack originating from $IP_ADDRESS, and so $BRAND receives one or more aggregate reports about the attack from one or more sources. - $BRAND collates those reports, and notes that $IP_ADDRESS is the responsibility of abuse@WeProvideConnectivity. - $BRAND sends a report to abuse@WeProvideConnectivity showing that it received X reports about $IP_ADDRESS, totaling Y authentication failures. - abuse@WeProvideConnectivity receives the report, and does something with it, which may include ignore it, ask for headers, dig into logs, kill it with fire, etc. The main data point we want to gather from the experiment is what abuse@WeProvideConnectivity (and its attendant brethren) did with such reports. On Mon, Feb 3, 2014 at 2:20 PM, Franck Martin <[email protected]> wrote: > Sorry gave the wrong link > > https://github.com/linkedin/lafayette > > > On Feb 3, 2014, at 11:15 AM, Franck Martin <[email protected]> wrote: > > We have been doing it for a while now see: > > https://github.com/linkedin/lafayette > > > and been pushing for a while for people to do so > > It reminds me, when we tried to get internet in Fiji, the result of the > discussions was to first do a survey to know if Internet would be of any > value. Needless to say we lost 5 years in adoption, and in Internet time > this is a lot. > > On Feb 3, 2014, at 9:01 AM, Todd Herr <[email protected]> wrote: > > Greetings. > > I apologize if you're not a member of M3AAWG, but I'm casting a wide net > for an upcoming M3AAWG activity. > > > -- Todd 703.220.4153
_______________________________________________ dmarc-discuss mailing list [email protected] http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)
