--00000000000015ea2c0599fa4abd
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

Perfect!!!

Now I understand and I'll to start DMARC implementation with p=3Dnone to se=
e
what happen.

Regards !!!

El mi=C3=A9., 18 dic. 2019 a las 7:22, Gregory Heytings (<ghe@sdf.org>) esc=
ribi=C3=B3:

>
> Hi,
>
> I'd second Viktor Dukhovni's opinion.  For the vast majority of mail
> servers, a minimalistic DMARC policy suffices, just add the following
> record in the domain's DNS root zone:
>
> _dmarc 10800 IN TXT "v=3DDMARC1; p=3Dnone;"
>
> If you want to go a step further, you can just monitor how DMARC is
> applied by receiving mail servers to mails that (pretend to) come from
> your domain.  Just add a "rua" ("reporting aggregate reports") entry:
>
> _dmarc 10800 IN TXT "v=3DDMARC1; p=3Dnone; rua=3Dmailto:
> postmaster@yourdomain.com"
>
> You'll then start receiving a daily report from the mail servers that
> implement DMARC reporting *and* that received at least one mail coming
> from (or pretending to come from) your domain.  In most cases you'll only
> receive reports from Google and Yahoo.  These reports are XML files, whic=
h
> are difficult to read, so you should find a tool that helps you to make
> sense of them.
>
> The possible next steps are to use "p=3Dquarantine", which basically mean=
s
> "deliver the mail but flag it as spam", and "p=3Dreject", which means wha=
t
> it means: do not accept the email.  But as Viktor said these policies are
> not recommended for a domain which does not handle sensitive information
> (bank, government, hospital, ...).
>
> Gregory
>

--00000000000015ea2c0599fa4abd
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr">Perfect!!!<div><br></div><div>Now I understand and I&#39;l=
l to start DMARC implementation with p=3Dnone to see what happen.</div><div=
><br></div><div>Regards !!!</div></div><br><div class=3D"gmail_quote"><div =
dir=3D"ltr" class=3D"gmail_attr">El mi=C3=A9., 18 dic. 2019 a las 7:22, Gre=
gory Heytings (&lt;<a href=3D"mailto:ghe@sdf.org">ghe@sdf.org</a>&gt;) escr=
ibi=C3=B3:<br></div><blockquote class=3D"gmail_quote" style=3D"margin:0px 0=
px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><br>
Hi,<br>
<br>
I&#39;d second Viktor Dukhovni&#39;s opinion.=C2=A0 For the vast majority o=
f mail <br>
servers, a minimalistic DMARC policy suffices, just add the following <br>
record in the domain&#39;s DNS root zone:<br>
<br>
_dmarc 10800 IN TXT &quot;v=3DDMARC1; p=3Dnone;&quot;<br>
<br>
If you want to go a step further, you can just monitor how DMARC is <br>
applied by receiving mail servers to mails that (pretend to) come from <br>
your domain.=C2=A0 Just add a &quot;rua&quot; (&quot;reporting aggregate re=
ports&quot;) entry:<br>
<br>
_dmarc 10800 IN TXT &quot;v=3DDMARC1; p=3Dnone; rua=3Dmailto:<a href=3D"mai=
lto:postmaster@yourdomain.com" target=3D"_blank">postmaster@yourdomain.com<=
/a>&quot;<br>
<br>
You&#39;ll then start receiving a daily report from the mail servers that <=
br>
implement DMARC reporting *and* that received at least one mail coming <br>
from (or pretending to come from) your domain.=C2=A0 In most cases you&#39;=
ll only <br>
receive reports from Google and Yahoo.=C2=A0 These reports are XML files, w=
hich <br>
are difficult to read, so you should find a tool that helps you to make <br=
>
sense of them.<br>
<br>
The possible next steps are to use &quot;p=3Dquarantine&quot;, which basica=
lly means <br>
&quot;deliver the mail but flag it as spam&quot;, and &quot;p=3Dreject&quot=
;, which means what <br>
it means: do not accept the email.=C2=A0 But as Viktor said these policies =
are <br>
not recommended for a domain which does not handle sensitive information <b=
r>
(bank, government, hospital, ...).<br>
<br>
Gregory<br>
</blockquote></div>

--00000000000015ea2c0599fa4abd--