It appears that Daniel K.  <dan...@vendo.no> said:
>I regularly get reports from nore...@dmarc.yahoo.com, that are DKIM
>signed by yahoo.com, on behalf of all the other yahoo ccTLDs and their
>other domains.
>
>The "Submitter" field in the subject identifies the domain the report is
>from, and the attachment filename starts with this same domain as well.
>(e.g. yahoo.no)
>
>But how can I know that nore...@dmarc.yahoo.com speaks on behalf of
>yahoo.no, aol.com, rocketmail.com, etc.?

Yahoo is an outlier here sending separate reports for different hosted domains.
Personally, I don't think I've ever seen a fake aggregate report, and it's hard
to imagine e plausible reason for sending one, so I don't worry about it.  Or
you can use DKIM the way we originally intended and observe that yahoo.com has
a generally good reputation so you'll accept the reports they send.

You probably also get reports from google.com that include mail sent
not just to google.com or gmail.com but the gazillion private domains
they host.  You can't even tell what recipient domains they purport to be
reporting.

R's,
John

_______________________________________________
dmarc mailing list -- dmarc@ietf.org
To unsubscribe send an email to dmarc-le...@ietf.org

Reply via email to