On May 16, 2014, at 2:09 PM, Paul N. Pace via dmarc-discuss <[email protected]> wrote:
> Hello- > > I am setting up DMARC for the first time. My test server is running Ubuntu > 12.04 and I am using OpenDMARC 1.2.0 installed from the Ubuntu repositories. > > My goal with DMARC is simply to have OpenDMARC process messages per the > record of the domain owner. > > I see in man opendmarc.conf that RejectFailures is set to false by default. > Does this mean that when a DMARC record states p=reject, OpenDMARC will not > reject the email? > > If I understand it correctly, to send failure reports (when requested), > ForensicReports must be set to true, but default is false. Since these are > only sent based on the record, is there some drawback to sending failure > reports? > > Thank you! > 1) I believe this is a safeguard, so that when you install it for the first time, it does not reject all your mails by mistake. Read the logs and if happy with what it would reject, then turn it on otherwise fix your configuration till you are happy. 2) failure reports send a copy of the email (opendmarc does the headers only) to the domain owner. This is not the sender nor the recipient, as such you are passing information to a third party not involved with the conversation. Some people say this is private information, so people say it is no more nor less than sending a bounce back to the postmaster of the system…. your choice.
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ dmarc-discuss mailing list [email protected] http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)
