On 12/8/24 19:46, Richard Clayton wrote:
> a) do you get so many duplicate reports every day that you don't wonder
> about them anyway ?

There's a lot of duplicate reports around, and the worst offender is
Google, occasionally sending up to 5 identical reports. This has me kind
of desensitised to error messages mentioning duplicate reports.

On occasion I look into the duplicates, especially if there's a new
sender involved.


> b) DMARC reports are really useful in tracking down why genuine email
> has been sent from your organisation that has not properly authenticated
> (though it continues to amaze me in $DAYJOB$ how many people don't do
> that at all and are surprised to learn it is happening).

I agree totally. The reports are really useful in understanding the flow
of our email. Most of the time the failures come from forwarders
forwarding to BigMailProvider.


> Beyond that,
> knowing that there are bad actors out there is seldom actionable.

I'd rather eliminate any possibility of this type of bad actor to send
bogus third party reports in the first place, but it seems like that is
not going to happen.

That's fine, but now that everyone needs to update the XML they produce
anyway, it seems like this would also be the perfect time to update the
alignment requirement to make the described third-party fraud impossible.

The fact that it's not a problem now, does not mean that it will
continue to not be a problem.

It's now or never.


Daniel K.

_______________________________________________
dmarc mailing list -- dmarc@ietf.org
To unsubscribe send an email to dmarc-le...@ietf.org

Reply via email to