From postfix-users Tue Dec 17 17:53:59 2019 From: Dave Goodrich Date: Tue, 17 Dec 2019 17:53:59 +0000 To: postfix-users Subject: Re: DMARC usage opinion Message-Id: <1209854582.122850.1576605239960.JavaMail.zimbra () greenfieldin ! org> X-MARC-Message: https://marc.info/?l=postfix-users&m=157660529830367 ----- On Dec 17, 2019, at 12:40 PM, Dominic Raferd dominic@timedicer.co.uk wrote: > On Tue, 17 Dec 2019 at 17:35, Dave Goodrich wrote: >> >> ----- On Dec 17, 2019, at 8:14 AM, Roberto Carna >> wrote: >> >> Dear, I have a Postfix server and I have SPF and DKIM TXT records in my DNS. >> Everything works OK. >> But now I want to implement DMARC, but somebody tells me not to do it because >> I'd have some problems and I'll have to use a whitelist for several emai >> addresses, and it's a heavy additional work. >> >> Please can you tell me your opinion about DMARC usage ??? >> >> Thanks a lot. >> >> >> I implemented DMARC recently because of problems with City officials emails >> being used for fraud. I get the reports, I know that people in other countries >> are using our email addresses, I have not the faintest idea what I can do about >> it. I am having trouble understanding the purpose of the reports I receive, I >> can't do anything with the information. >> > > This is exactly what DMARC (p=reject) helps with. The reports tell you > about fake emails that were identified and blocked (and also help you > identify if your systems are correctly set up for genuine emails to > pass). If you are receiving the raw reports and don't understand them, > try using something like Postmark. I understand the reports fine, but I can't force another server to use my policy. With reports I know who is using my policies, but I know nothing of where the fraud emails are being delivered instead of rejected. DAve