DMARC

Question asked by Robbie Wright - 9/5/2014 at 2:20 PM

Unanswered

So we have the box checked to turn dmarc on for incoming mail. I'm curious what it is doing in the background though as I didn't see any documentation on it. If the sending domain has dmarc set to quarantine for example, does SM dump it to junk? If they are set to reject, how do we know about it, since presumably, it wouldn't hit the spam filters? Or maybe it does hit the spam filters. Anyone have an example of a log entry of dmarc rejecting or quarantining an item?

7 Replies

Reply to Thread

Bruce Barnes Replied

9/5/2014 at 2:44 PM

Send a message to mailtest@unlocktheinbox.com and it will tell you if you are fully DMARC compliant.

May have already told you this, but my document, at: Why Am I Having Problems Getting My E-Mail Delivered? It contains a lot of DMARC, and other important information to help you become compliant.

Bruce Barnes ChicagoNetTech Inc brucecnt@comcast.net Phonr: (773) 491-9019 Phone: (224) 444-0169 E-Mail and DNS Security Specialist Network Security Specialist Customer Service Portal: https://portal.chicagonettech.com Website: https://www.ChicagoNetTech.com Security Blog: http://networkbastion.blogspot.com/ Web and E-Mail Hosting, E-Mail Security and Consulting

Robbie Wright Replied

9/5/2014 at 2:52 PM

Thanks for the reply Bruce. I'm intimately familiar with dmarc and how to set it up. I'm after exactly how SM handles dmarc on incoming domains. A check box that says "Enable DMARC policy compliance check" doesn't really say exactly what it is doing. Does it actually quarantine dmarc failures if that's what the sender's domain says? Does it put it in the virus quarantine folder or does it sit in the spool? Are dmarc rejections listed in the logs?

Robbie Wright Replied

9/5/2014 at 2:52 PM

And your document on deliver is awesome, btw.

Bruce Barnes Replied

9/5/2014 at 2:59 PM

No. Check www.dmarc.org. While controversial, the SENDER determines what happens when DMARC is checked. It's only quarantined if that's the sender's policy.

I believe that SmarterMail now notes DMARC policy application - without specifics, in the SMTP logs, but only if they are set to detailed.

Robbie Wright Replied

9/8/2014 at 8:13 AM

Bruce, I under that the sender and their dmarc record dictate how handle failures. I'll double check our smtp logs for dmarc notes. My question is about how SM handles the difference between quarantine and reject.

Eric Tykwinski Replied

6/9/2016 at 9:52 AM

Apologies about bringing up this old post, but it's on topic.

I'm finally starting to setup DMARC on some test domains, and figuring things out.

So I've got the following policy setup:

_dmarc.virtcolo.com. 3600 IN TXT "v=DMARC1; p=reject; rua=mailto:postmaster@virtcolo.com; ruf=mailto:postmaster@virtcolo.com; fo=s; adkim=s; aspf=s; rf=afrf; sp=reject"

SPF and DKIM are fine.

virtcolo.com. 3600 IN TXT "v=spf1 a mx ~all"

postfix._domainkey.virtcolo.com. ....

Emailing from my server works fine, but manually telneting into SmarterMail and sending an email to my work address isn't being rejected as I would expect. Is this a bug on SM?

Running Enterprise v15.0.5976

Robbie Wright Replied

6/9/2016 at 2:40 PM

Not 100% sure, but that record looks pretty complicated. I also wouldn't set it to reject out of the gate. Set it to none first and make sure you know what is not matched. Then tweak it up to quarantine and finally reject.

Back to Community Threads

Please leave this box unchecked

7 Replies

Reply to Thread

Tags

Related Knowledge Base Articles