Carl, this is great to hear. Thanks for sharing with us.
Best regards,
Al Iverson
--
Al Iverson
www.aliverson.com
(312)725-0130
On Fri, Nov 25, 2016 at 4:36 AM, Carl Windsor via dmarc-discuss
wrote:
>>I would suggest a note saying that Fortinet's implementation is
>>known to be fatally buggy.
Well just so you know, I reported this bug to FortiNet almost a year
ago 2015-12-09. That was when FortiMail got the DMARC
implementation(firmware 5.3.0). Since that time we contacted their
support, which gave us the answer I posted. So we tried to change it by
contacting local Fortinet's repre
t: Friday, 25 November 2016 17:57
To: dmarc-discuss@dmarc.org
Subject: Re: [dmarc-discuss] Getting to reject, was :Re: FortiNet’s FortiMail
DMARC implementation
Well if it wasn't by design then how do you explain this reply from your
support team. quote:
"I've got feedback from
Well if it wasn't by design then how do you explain this reply from your
support team. quote:
"I've got feedback from engineering on this.
The current behavior is by design, the action for DMARC check failure is
driven by the action next to the DMARC check (action-dmarc) no matter
the DMARC po
>I would suggest a note saying that Fortinet's implementation is
>known to be fatally buggy.
Hi DMARC Group, I am the Product Manager @ Fortinet for FortiMail and
can confirm that this was not by design but a bug. As of 5.3 interim
build 625 we respect the p=none directive and this will be rolled
>p= none is not just because people don't care.
What he said. p=none lets you collect reports and decide what to do.
In my case, the reports have told me that for all but one of the
domains I manage*, nobody is forging them enough to be worth further
DMARC pain.
I would suggest a note saying tha
On 11/14/16 14:53, Scott Kitterman via dmarc-discuss wrote:
> It's also essentially impossible if you make non-trivial use of
> mailing lists. Even though I've has SPF -all records for over a
> decade and encourage people to reject mail purporting to be from my
> domains that fail SPF, I am no whe
On November 14, 2016 2:42:42 PM EST, Terry Zink via dmarc-discuss
wrote:
>> Well, DMARC addresses one particular vector - we still need to find
>more effective ways
>> to address cousin domains, display name abuse, etc.
>
>I didn't mean cousin domains, I mean domains that are not the same but