Hi list,
I've found this case where DMARC reports are sent to an external destination
without the verification TXT record being published.
```
❯dig _dmarc.[redacted] txt +short
"v=DMARC1; p=none; rua=mailto:dm...@emailzustellbarkeit.de"
```
The external destination domain does not publish a `v=DMARC1;` TXT record for
that domain.
```
❯dig[redacted]._report._dmarc.emailzustellbarkeit.de txt
[...]
;; QUESTION SECTION:
;[redacted]._report._dmarc.emailzustellbarkeit.de. INTXT
;; AUTHORITY SECTION:
emailzustellbarkeit.de.1614INSOAns5.kasserver.com. hostmaster.kasserver.com.
2401241842 28800 7200 1209600 7200
[...]
```
The only common factor is the root domain of the MX record.
```
❯dig[redacted]mx +short
10 w01ad564.kasserver.com.
❯dig emailzustellbarkeit.de mx +short
10 w01b9b8a.kasserver.com.
```
Some ISPs that send reports are Microsoft (Outlook), Seznam, emailsrvr. I
already reached out to emailsrvr but didn't get a response yet.
Are they violating the RFC or is there a new DMARC report exception if both
domains share the MX root domain?
Thank you.Vitali
Sent with [Proton Mail](https://proton.me/) secure email.
_______________________________________________
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop