On Fri, Aug 14, 2020 at 11:13 AM Kurt Andersen (b) <[email protected]> wrote:

> On Fri, Aug 14, 2020 at 7:31 AM Dotzero <[email protected]> wrote:
>
>>
>> I've been involved in setting up DMARC with a policy of p=reject for
>> somewhere north of 6,000 domains. As a sending domain, the heavy lifting is
>> in getting buy-in across the organization that it is a worthwhile effort,
>> getting control of your organization's mail flows and ensuring policies and
>> procedures are communicated and followed. For complex environments there
>> may need to be some automation required for creating and maintaining
>> private/public key pairs and DNS records but that is much more
>> straightforward than the aforementioned heavy lifting.
>>
>
> Also note that said "heavy lifting" is not a one-time expenditure of
> effort. Having hoisted the weight bar above your head, it requires
> organizational will and ongoing knowledge to stick to the higher bar week
> in and week out. Entropy is never your friend in an organizational security
> context. Neither are acquisitions :-)
>
> --Kurt
>

I absolutely agree with you, Kurt. On the other hand, this is true for many
things. I almost want to respond with "What's your point?" (sarcastically).
Is this an interoperability problem that is solved by IETF standards or is
it an organizational problem that requires an organizational solution?
Perhaps we need to generate an RFC entitled "Don't Do Stupid Things". ;-)

Michael Hammer
_______________________________________________
dmarc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dmarc
