I work in a larger enterprise, largest retailer in Denmark with branches in
We have been using SPF for years now with -all
We started on DKIM / DMARC earlier this year for outbound, we are on O365.
We had some issues that are resolved.
We have moved all mass mailing / external partners to subdomains and use a
reply-to where needed.
We are doing inbound DMARC on our own addresses to stop most obvious CEO scam.
We use O365, so we are using this header to run check against (sender domain
p=quarantine). So I can't really see the dmarc policy set by the sender, and
filter based on that. It is not available in any header.
Authentication-Results: spf=pass (sender IP is 188.8.131.52)
smtp.mailfrom=my.test.dk; dsg.dk; dkim=pass (signature was verified)
header.d=my.test.dk;dsg.dk; dmarc=pass action=none
header.from=my.test.dk;dsg.dk; dkim=pass (signature was verified)
> On Oct 22, 2015, at 3:43 PM, Payne, John <jpa...@akamai.com> wrote:
>> On Oct 22, 2015, at 3:36 PM, Andrew Beverley via dmarc-discuss
>> <email@example.com> wrote:
>> On Thu, 2015-10-22 at 10:19 -0700, Franck Martin via dmarc-discuss
>>> The fun is moving to ARC
>> Sad to see that Gmail plan to move to p=reject
> I’m hoping that it encourages the mailing list folk who have been reluctant
> to become DMARC safe to reconsider, whether thats ARC or wrapping.
> As an enterprise hoping to go p=reject, this is potentially a big deal for me
I’m not exactly in the loop, but besides this article almost a year ago, I
haven’t seen anything else about gmail going p=reject… and it’s now 3 months
past the advertised date.
Any word there?
Somewhat related (to my earlier post) - are there any _enterprises_ on this
list that have experience or are currently attempting to either go p=reject or
enforce DMARC policies inbound?
dmarc-discuss mailing list
NOTE: Participating in this list means you agree to the DMARC Note Well terms