[mailop] "Scalemarc" Service / RBL-ish thing for Undeliverable RUAs

Wed, 29 Oct 2025 00:28:05 -0700 

Moin,

over the past couple of days i finally got too annoyed with my mailq
filling up with too many undelivered DMARC reports; And figured that an
RBL-ish thing for that might be nice to get blocking of generating
reports consistent across my MXes. I threw together a service based on
email-security-scans.org for this (leveraging the same measurement
infrastructure).

I would appreciate your thoughts about this (useful/not useful/things
to consider/interfaces to provide).

What it does is:
- Allows adding 'suspect' domains
- Suspect domains get checked ~every 2 weeks; Meaning:
        - Get RUA/RUF
        - Identify authorized destinations
        - Use an empty DMARC report to test delivery to that dst
        - Record in DB if delivery fails/is successful
- Allow querying for specific RUA/RUF
- Allow dumping all non-deliverable RUA/RUF identified
- Allow querying no. of failed RUA/RUF for a domain (adds the domain
  if not present; Takes ca. 5-10minutes for checking). Only adds
  policy domains that have a DMARC record.
- Allow dumping all domains with more than one undeliverable RUA/RUF

Obviously, this works best when used with domain queries, as that
allows me to add more potentially undeliverable RUA/RUF to the check
list.

Current thoughts I have:

- How to best combine this with rspamd (given that external maps do not
  seem to work for the DMARC module; If somebody has an idea... )
- Also checking TLS-RPT destinations
- Also providing a DNS based interface for checking domains
- Make it possible to download the NDRs (currently only identified via
  their DB keys)

Any other thoughts/ideas what would make this useful, or did I maybe
miss such a thing already existing?

With best regards,
Tobias

Usage:


# Check number of non-working RUA for a domain; Gets added if not yet 
  tested.
https://stalemarc.measurement.network/api/checkRuaRuf.php?domain=example.com

# Check deliverability for a RUA/RUF
https://stalemarc.measurement.network/api/[email protected]

# Export all domains with at least one non-deliverable RUA/RUF
https://stalemarc.measurement.network/api/checkRuaRuf.php?domain=export

# Export all non-deliverable RUA/RUF
https://stalemarc.measurement.network/api/checkRuaRuf.php?rua=export

-- 
Dr.-Ing. Tobias Fiebig
T +31 616 80 98 99
M [email protected]
Pronouns: he/him/his
_______________________________________________
mailop mailing list
[email protected]
https://list.mailop.org/listinfo/mailop

Reply via email to