On 12/8/24 19:46, Richard Clayton wrote: > a) do you get so many duplicate reports every day that you don't wonder > about them anyway ?
There's a lot of duplicate reports around, and the worst offender is Google, occasionally sending up to 5 identical reports. This has me kind of desensitised to error messages mentioning duplicate reports. On occasion I look into the duplicates, especially if there's a new sender involved. > b) DMARC reports are really useful in tracking down why genuine email > has been sent from your organisation that has not properly authenticated > (though it continues to amaze me in $DAYJOB$ how many people don't do > that at all and are surprised to learn it is happening). I agree totally. The reports are really useful in understanding the flow of our email. Most of the time the failures come from forwarders forwarding to BigMailProvider. > Beyond that, > knowing that there are bad actors out there is seldom actionable. I'd rather eliminate any possibility of this type of bad actor to send bogus third party reports in the first place, but it seems like that is not going to happen. That's fine, but now that everyone needs to update the XML they produce anyway, it seems like this would also be the perfect time to update the alignment requirement to make the described third-party fraud impossible. The fact that it's not a problem now, does not mean that it will continue to not be a problem. It's now or never. Daniel K. _______________________________________________ dmarc mailing list -- dmarc@ietf.org To unsubscribe send an email to dmarc-le...@ietf.org