Re: [dmarc-ietf] Strange dmarc lookups

Looks like an abuse campaign doing what it can to mask sending from something like a direct IP based address like @[w.x.y.z] - in this case the IP is reportedly in Madrid. --Kurt On Mon, Mar 26, 2018 at 1:13 PM, John R. Levine wrote: > A friend looking at DNS traces says he's

[dmarc-ietf] Strange dmarc lookups

A friend looking at DNS traces says he's seeing a lot of queries like this. _dmarc.78.0x18.0143.0031 The numbers vary, some don't have the 0x. Any idea what it is? The _dmarc suggest something thinks it's finding those domains on From: lines but I'm having trouble imagining what it is.