nanog mailing list archives
Re: DMARC -> CERT?
From: William Herrin <bill () herrin us>
Date: Mon, 14 Apr 2014 13:29:42 -0400
On Mon, Apr 14, 2014 at 1:03 PM, <Valdis.Kletnieks () vt edu> wrote:
The problem is when Yahoo users post to lists that use DMARC, and the result is the yahoo user's mail getting bounced or dumped on the postmaster.
Basically, this is just like old ORBS. If you were an ISP, you had to check your local users' IP addresses smarthosting through your mail server against ORBS or your mail server would inevitably be listed. Now, as then, the solution is: if the domain has a DMARC listing, mail addresses using it aren't permitted to post to the list. As I tried to say before but was probably too subtle -- just flunk validation for all DMARC-using messages, across the board without exception, and then act on that failure as the DMARC DNS records indicate that the sender wants you to. Especially the ones to abuse@ and your other POCs. That'll clean up the use of DMARC right quick. Regards, Bill Herrin -- William D. Herrin ................ herrin () dirtside com bill () herrin us 3005 Crane Dr. ...................... Web: <http://bill.herrin.us/> Falls Church, VA 22042-3004
Current thread:
- DMARC -> CERT? Miles Fidelman (Apr 14)
- Re: DMARC -> CERT? Matthew Petach (Apr 14)
- Re: DMARC -> CERT? Miles Fidelman (Apr 14)
- Re: DMARC -> CERT? Laszlo Hanyecz (Apr 14)
- Re: DMARC -> CERT? Valdis . Kletnieks (Apr 14)
- Re: DMARC -> CERT? William Herrin (Apr 14)
- Re: DMARC -> CERT? Miles Fidelman (Apr 14)
- Re: DMARC -> CERT? Laszlo Hanyecz (Apr 14)
- Re: DMARC -> CERT? Christopher Morrow (Apr 14)
- Re: DMARC -> CERT? Miles Fidelman (Apr 14)
- Re: DMARC -> CERT? Florian Weimer (Apr 21)
- Re: DMARC -> CERT? Miles Fidelman (Apr 14)
- Re: DMARC -> CERT? Matthew Petach (Apr 14)
- Re: DMARC -> CERT? Jim Popovitch (Apr 14)
- Re: DMARC -> CERT? Scott Howard (Apr 14)
- Re: DMARC -> CERT? Christopher Morrow (Apr 14)
- Re: DMARC -> CERT? Doug Barton (Apr 14)
- Re: DMARC -> CERT? Matthew Petach (Apr 14)