Although the domain-registrant end of DMARC is by-design easy to
implement, implementing the receiver-side in a sound fashion remains a
hard problem and therefore a rather specialist one. In general, only
large service providers and technology vendors are capable of retaining
that expertise at present. A more constructive response to your
customers might be to encourage them to:
(a) request that their service-providers/technology-vendors provide
suitable tools; or
(b) switch to service-providers/technology-vendors who do.
(It is of course relatively straightforward for a receiver to throw
together something that naively implements the specification and simply
implements domain-registrants' requested policies; however, the damage
that this will do to legitimate email flows is material. This is part of
the drive behind work on ARC.)
- Roland
On 05/12/17 21:03, Tim Toxværd-Larsen via dmarc-discuss wrote:
Hi,
Even though we have implemented a DMARC reject policy on all our domains, our
customers sometimes receive phishing emails. The phishing emails are e.g. sent
to email addresses at work.
A lot of our customers are notifying us if they get suspicious emails.
We would like to respond to their reports with a guideline for the IT
department/supplier at their company/organisation. This guideline should
contain a high level description on how to implement a DMARC filter on ingoing
emails.
This could protect our customers and their colleagues from phishing attacks.
If anyone has created this kind of guideline, or is considering doing it, I
would be happy to hear from you.
I expect that the guideline will include some screenshots on how to set up
a DMARC filter on different email gateways.
Even though you do not have a guideline, I would appreciate it if you could send
me some screenshots of how to do this in your preferred email gateway. Then I
will gather the input to a guideline.
The guideline will be publicly available when it is finalised.
Best regards,
Tim Toxværd-Larsen
Senior Project manager
Danske Bank
Group IT Security & Risk
Identity & Access Management
_______________
Danske Bank A/S CVR-nr. 61126228 - København
_______________
Please note that this message may contain confidential information. If you have
received this message by mistake, please inform the sender of the mistake, then
delete the message from your system without making, distributing or retaining
any copies of it. Although we believe that the message and any attachments are
free from viruses and other errors that might affect the computer or IT system
where it is received and read, the recipient opens the message at his or her
own risk. We assume no responsibility for any loss or damage arising from the
receipt or use of this message.
_______________________________________________
dmarc-discuss mailing list
[email protected]
http://www.dmarc.org/mailman/listinfo/dmarc-discuss
NOTE: Participating in this list means you agree to the DMARC Note Well terms
(http://www.dmarc.org/note_well.html)
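
Added example (not part of the original emails, and not code from any DMARC implementation): a sketch of the naive receiver-side enforcement the reply describes, showing that a message relayed by a mailing list gets the same disposition as a spoofed one. All domains, the record and the sample messages are constructed, and the alignment check is a simplification that does not consult the Public Suffix List.

```python
from dataclasses import dataclass

@dataclass
class Auth:
    from_domain: str   # RFC5322.From domain shown to the user
    spf_pass: bool
    spf_domain: str    # RFC5321.MailFrom domain that SPF evaluated
    dkim_pass: bool
    dkim_domain: str   # d= domain of the DKIM signature

def parse_policy(txt):
    """Return the p= value of a DMARC TXT record, or 'none' if unusable."""
    tags = {}
    for part in txt.split(";"):
        key, _, value = part.partition("=")
        if key.strip():
            tags[key.strip().lower()] = value.strip().lower()
    policy = tags.get("p")
    if tags.get("v") != "dmarc1" or policy not in ("none", "quarantine", "reject"):
        return "none"
    return policy

def aligned(auth_domain, from_domain):
    # Simplification: real relaxed alignment compares organizational domains.
    a, f = auth_domain.lower(), from_domain.lower()
    return a == f or a.endswith("." + f) or f.endswith("." + a)

def naive_disposition(msg, record):
    """Apply the registrant's requested policy with no local judgement."""
    ok = (msg.spf_pass and aligned(msg.spf_domain, msg.from_domain)) or \
         (msg.dkim_pass and aligned(msg.dkim_domain, msg.from_domain))
    policy = parse_policy(record)
    return "deliver" if ok or policy == "none" else policy

# Constructed samples for a domain publishing p=reject.
RECORD = "v=DMARC1; p=reject; rua=mailto:reports@bank.example"
# Sent directly by the domain owner: SPF and DKIM pass and align.
DIRECT = Auth("bank.example", True, "bank.example", True, "bank.example")
# Spoofed From: SPF passes only for the sender's own unrelated domain.
SPOOFED = Auth("bank.example", True, "attacker.example", False, "")
# Relayed by a list: envelope sender is the list's, and the appended
# footer broke the original DKIM signature.
LIST_FORWARDED = Auth("bank.example", True, "list.example", False, "bank.example")

if __name__ == "__main__":
    for name, msg in [("direct", DIRECT), ("spoofed", SPOOFED),
                      ("list-forwarded", LIST_FORWARDED)]:
        print(f"{name:15} -> {naive_disposition(msg, RECORD)}")
```

The list-forwarded message is legitimate mail, yet the naive filter cannot tell it from the spoof; this is the kind of indirect flow that ARC is meant to give receivers evidence about.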