Couple of points... 1) https://github.com/linkedin/dmarc-msys/blob/master/dmarc.lua#L804 This is how we detect if the email is likely to be from a mailing list. I parse the logs from time to time, and put exceptions in our local policy.
2) very few lists discard DMARC protected emails on reception. So as long you don't post too often, you are not triggering the unsubscribe due to bounce function in mailman... 3) we tell our employees to use personnal email addresses for mailing lists... It makes sure they are not speaking on our behalf ;) 4) GApps DKIM signs all the emails with <customerdomain>.gappssmtp.com until said customer DKIM signs with its own domain (because they want all emails to be authenticated). On Tue, Oct 25, 2016 at 1:14 PM, Payne, John via dmarc-discuss < dmarc-discuss@dmarc.org> wrote: > > > On Sep 27, 2016, at 12:23 PM, Terry Zink via dmarc-discuss < > dmarc-discuss@dmarc.org> wrote: > > > >> Somewhat related (to my earlier post) - are there any _enterprises_ on > this list that have > >> experience or are currently attempting to either go p=reject or enforce > DMARC policies inbound? > > > > I just wrote one for Microsoft: https://blogs.msdn.microsoft. > com/tzink/2016/09/27/how-we-moved-microsoft-com-to-a- > pquarantine-dmarc-record/ > > This is the blog post I wanted to write :) I’m just behind on getting to > p=quarantine. > > There are 2 things slowing me down: > > 1. As I just replied to Franck - enforcing inbound (which is my primary > goal) - I need to handle mailing lists (and I don’t want to wait for ARC > adoption). So I have to figure out all the mailing lists my users are > posting to so I can whitelist those IPs coming back unless anyone wants to > share a list? :) > > 2. Google seems to report itself as a DMARC failing sender for unrelated > domains to me. This really started in earnest in March, but I’m getting > 40k-60k what seem like unrelated reports a day, for example: > > > Domain MAIL FROM DKIM domain SPF Auth DKIM Auth > Total > akamai.com oppa.com.br oppa-com-br.20150623.gappssmtp.com Pass Pass > 237 > > So that’s killing my confidence on publishing p=quarantine (I can fake one > inbound). Are others seeing this, or am I a special snowflake? > > > > Thanks > John > _______________________________________________ > dmarc-discuss mailing list > dmarc-discuss@dmarc.org > http://www.dmarc.org/mailman/listinfo/dmarc-discuss > > NOTE: Participating in this list means you agree to the DMARC Note Well > terms (http://www.dmarc.org/note_well.html) >
_______________________________________________ dmarc-discuss mailing list dmarc-discuss@dmarc.org http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)
