On Jul 31, 2014, at 4:37 PM, Steve Atkins via dmarc-discuss <[email protected]> wrote:
> > On Jul 31, 2014, at 3:31 PM, Norman, Jean Marie via dmarc-discuss > <[email protected]> wrote: > >> Has anyone experienced unauthenticated emails being delivered to Google >> recipients despite having a DMARC policy (quarantine or reject) in place? We >> have seen evidence that unauthenticated emails (not passing both SPF and >> DKIM) are being delivered to Google, despite a DMARC policy, when messages >> pass through a ‘forwarder’, as noted by Google. We are trying to better >> understand this behavior and whether or not anyone has found a solution? Any >> insight or recommendations would be appreciated. > > Several large entities have published inappropriate DMARC records, leading to > wanted mail from those entities not being authenticated when it ends up at > the recipients inbox. Because of that, Google (and others) are unlikely to > blindly follow DMARC policies. > None of the large entities have published inappropriate DMARC records. They did it knowing exactly the impact and I don’t know any receiver that changed the way they process DMARC after such large entities allegedly published such records. It was known for some time that some systems (amongst other use cases), for instance, were not keeping the DKIM signature while doing simple forwarding and would have to be fixed. Cf http://www.it.cornell.edu/services/guides/email/issues.cfm#dmarc which uses MS-Exchange. Microsoft should fix this problem in an upcoming release (https://www.mail-archive.com/[email protected]/msg01621.html), meanwhile...
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ dmarc-discuss mailing list [email protected] http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)
