Email Server and DNS

Dave Crocker dhc2 at
Mon Nov 4 15:21:30 UTC 2013

On 11/3/2013 8:11 PM, John Levine wrote:
>> I would recommend you go a
>> step further and use DKIM, ADSP, and DMARC.
> Using DKIM is a good idea.  Do *not* use ADSP.  It is a failed
> experiment which will provide no benefit and considerable pain.


> If you believe that your domain is heavily forged (which if you are
> not Paypal, Facebook, or a large bank or ISP, it almost certainly is
> not), you can set up a DMARC record to collect some statistics about
> what mail other people are getting that appears to be from you.  Do
> not try to use DMARC to tell people to quarantine or reject your mail
> until you are really sure you understand the statistics you're
> getting.


The 'reporting' function in DMARC appears to have wide applicability and 
substantial benefit.  The handling (rejection, etc.) function has very 
narrow benefit.


Dave Crocker
Brandenburg InternetWorking

More information about the NANOG mailing list