Generally you'd want A + B at the very least - take a look at this document from M3AWWG about Parked Domains to see some best practice recommendations about domains that shouldn't be sending mail.
https://www.m3aawg.org/sites/default/files/m3aawg_parked_domains_bp-2015-12.pdf On Mon, Nov 27, 2017 at 10:39 AM, DMARC via dmarc-discuss < [email protected]> wrote: > > To prevent someone from spoofing a domain which doesn't send outbound > mail, is a (A) nonpremissive SPF sufficient, just a DMARC w/p=reject (B) > or should it be a combination (A + B). > > Thanks for any insights ! > > _______________________________________________ > dmarc-discuss mailing list > [email protected] > http://www.dmarc.org/mailman/listinfo/dmarc-discuss > > NOTE: Participating in this list means you agree to the DMARC Note Well > terms (http://www.dmarc.org/note_well.html) > -- PAUL ROCK *Sr Software Dev Engineer* | AOL Mail P: 703-265-5734 | C: 703-980-8380 AIM: paulsrock 22070 Broderick Dr.| Dulles, VA | 20166-9305
_______________________________________________ dmarc-discuss mailing list [email protected] http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)
