Deploying DMARC seems to mean any subset of these: 1a. Publish a DMARC record 1b. Publish a DMARC record with a restrictive policy 2a. Evaluate DMARC status of incoming messages 2b. Use that status to manage message disposition 3. Collect reports 4a. Send aggregate reports 4b. Send failure reportsNice one! That analysis should make it to some implementation guide. I'd suggest an addition, though: 3a. Receive and possibly read records 3b. Collect them
As far as DMARC is concerned, once you've published rua or ruf and receive the reports, DMARC is done. Some people just put them in a mailbox, some pick out basic bits and put them in a database, some do elaborate analyses, but none of that has anything to do with DMARC compliance.
Regards, John Levine, [email protected], Primary Perpetrator of "The Internet for Dummies", Please consider the environment before reading this e-mail. https://jl.ly
_______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
