Hi All, I've been following conversations as best I can via the digest (which was a bad idea), so switched to single emails.
Based on what I've heard from those just starting off with DMARC and have received very few failure reports, it's actually useful to get some form of them (redacted or not). In one case, all the failure reports were spam messages. This helped to push the org to get to a policy of reject as soon as they could. For other organizations, which were not getting any failure reports, the question continuously comes up on how can they determine which messages are the ones that are failing (and not having to try and dig through a day's worth of messages to try and figure it out). I think this is where the failure reports can help to some extent. Just my 2 cents, for what it's worth. - Shehzad • • • • Shehzad Mirza Director of Operations Global Cyber Alliance [email protected] (+1) 646 677 5535 (Option 3) [image: GCA Website] <https://www.globalcyberalliance.org/> [image: GCA Twitter] <https://twitter.com/GlobalCyberAlln> [image: GCA Facebook] <https://www.facebook.com/GlobalCyberAlliance/> [image: GCA LinkedIn] <https://www.linkedin.com/company/global-cyber-alliance/> [image: GCA YouTube] <https://www.youtube.com/channel/UCC5x4cUnZqWsV7OqBx1vCOQ> [image: GCA GitHub] <https://github.com/GlobalCyberAlliance/> [image: GCA Email Signup] <https://www.globalcyberalliance.org/#signup> [image: GCA Instagram] <https://www.instagram.com/globalcyberalliance/> [image: GCA Forums] <https://community.globalcyberalliance.org/> GCA takes your privacy seriously. To review our privacy policy, please click here <https://www.globalcyberalliance.org/privacy-policy/>. On Thu, Jun 11, 2020 at 11:40 PM Steven M Jones <[email protected]> wrote: > On 6/11/20 5:22 PM, Scott Kitterman wrote: > >> On June 11, 2020 6:28:13 PM UTC, Steven M Jones<[email protected]> wrote: > >> ... I also suggested that perhaps potential failure report generators > >> would be encouraged if they could see examples of reports with > >> different levels of redaction. > > > > I think it's entirely sensible to assess demand before investing a lot > of time in this. ... I think the real question on this issue is for > receivers. Is there anyone working that side of the equation that would be > inspired to send some kind of limited feedback report where they send none > now is they had clearer examples to work from. > > > I should have said "I speculated," I suppose... While listening to > Autumn I couldn't recall having seen such examples, so I threw the idea > out there. > > Anyway yes, we should be guided by data where we can get it. But if > we're looking for something better than "anecdata," at the moment I can > only imagine getting that through a careful survey of a large number of > non-reporting receivers. And I don't see that happening unless it covers > a lot more questions than just whether examples of redacted failure > reports would have changed the decision not to send failure reports... > > If there's no sense that it would be useful, no need for further > discussion. > > --S. > > > _______________________________________________ > dmarc mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/dmarc >
_______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
