Hi all,
New to this list, not to the 'net (I registered octopus.com -- that will tell you
more about me than anything ;) )
I have an interesting situation.
Our context combines:
- A very old domain name that we ONLY use for infrastructure. No web site, no
email. (ds.org)
- Other domains operate on top of that infrastructure. We do have a reasonably
active email server.
- (In reality we're a tiny nonprofit...)
Our email server was being spoofed
so much, I finally bit the bullet and fully
implemented SPF/DKIM/DMARC over the last few weeks.
Since 100% of all ds.org email is fake (other than when I generate a test
message)... it's pretty easy to recognize loopholes and failures in the overall
DMARC system.
I've got most emails under control with a 100% reject policy. However, several
items are NOT being rejected. Looks like Google and possibly some others are
being faked out... and I don't know how to fix it.
Out of ~1200 bad emails in the last week, 34 messages were
Quarantined by Google rather than rejecting, because it thought they
were forwarded.
Another set of reports (from mail.ru) show messages being rejected as
requested.
Is there anything I can do to fix this?
Thanks,
Pete
_______________________________________________ dmarc-discuss mailing list dmarc-discuss@dmarc.org http://www.dmarc.org/mailman/listinfo/dmarc-discuss
NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)
