[dmarc-ietf] Security Considerations

2025-06-15 Thread Douglas Foster
A small volume of incoming messages will be rejected because the recipient account is over quota, the recipient account has been terminated, or the sender accidentally entered an incorrect address. If the sender is known to be legitimate and acceptable, then the sender should be notified of these

Re: [dmarc-ietf] Security Considerations in aggregate-reporting

2024-03-23 Thread Brotman, Alex
Thanks, added as a list -- Alex Brotman Sr. Engineer, Anti-Abuse & Messaging Policy Comcast > -Original Message- > From: dmarc On Behalf Of Matthäus Wander > Sent: Friday, March 22, 2024 7:15 PM > To: dmarc@ietf.org > Subject: [dmarc-ietf] Security Consider

[dmarc-ietf] Security Considerations in aggregate-reporting

2024-03-22 Thread Matthäus Wander
The Security Considerations section of aggregate-reporting-14 currently consists of a placeholder. Suggested text follows. 7. Security Considerations Aggregate reports are supposed to be processed automatically. An attacker might attempt to compromise the integrity or availability of the repo

Re: [dmarc-ietf] Security considerations - Aggregate reports

2022-11-24 Thread Douglas Foster
Yes, Neil, that is what I thought was communicated by my initial language. Security Considerations are topics that implementers and administrators should give consideration when making risk-based decisions, and this is one that seemed worthy of mention. Since others concluded that I was assertin

Re: [dmarc-ietf] Security considerations - Aggregate reports

2022-11-24 Thread Neil Anuskiewicz
On Nov 15, 2022, at 7:11 PM, Douglas Foster wrote: General: For a reporting specification, the Security Considerations are by definition any risks of unwanted information disclosures. So that is where attention needs to be given. Operational experience: I don't have specific knowledge of the info

Re: [dmarc-ietf] Security considerations - Aggregate reports

2022-11-15 Thread Douglas Foster
General: For a reporting specification, the Security Considerations are by definition any risks of unwanted information disclosures. So that is where attention needs to be given. Operational experience: I don't have specific knowledge of the information gathering strategies of malicious actors.

Re: [dmarc-ietf] Security considerations - Aggregate reports

2022-11-15 Thread Seth Blank
On Tue, Nov 15, 2022 at 4:13 AM Douglas Foster < dougfoster.emailstanda...@gmail.com> wrote: > You failed to read and understand what I wrote. > Hatless, I also cannot parse your proposed text or what you're trying to communicate in this email. As Chair, our charter around the bis project is cle

Re: [dmarc-ietf] Security considerations - Aggregate reports

2022-11-15 Thread John Levine
It appears that Douglas Foster said: >-=-=-=-=-=- > >I recommend adding this text or similar language to address a security >problem. > >Doug Foster > >"Operators of multi-tenant servers are cautioned against configurations >which have some clients configured to use DMARC and send DMARC reports,

[dmarc-ietf] Security considerations - Aggregate reports

2022-11-13 Thread Douglas Foster
I recommend adding this text or similar language to address a security problem. Doug Foster "Operators of multi-tenant servers are cautioned against configurations which have some clients configured to use DMARC and send DMARC reports, while other clients are configured to ignore DMARC and conse