Incoming SMTP in the year 2017 and absence of DKIM

John Levine johnl at iecc.com
Wed Nov 29 21:24:07 UTC 2017


In article <85393a12-a51f-6722-4171-118919fcc2d0 at mtcc.com> you write:
>The real problem with large enterprise that we found, however, is that 
>it was really hard to track down every 25 year
>old 386 sitting in dusty corners that was sending mail directly instead 
>of through corpro servers to make certain
>that everything was signed that should be signed. Maybe that's gotten 
>better in the last 15 years, but I'm not too hopeful.

No kidding.  That's why you publish a DMARC policy record that says
don't treat my mail any differently, but please send me summary
reports about it.  This lets you see where mail with your From: domain
is coming from, to track down all those dusty servers.  Once you've
found them all, then you can decide whether publishing a policy is
likely make things better or worse.

You'll also find a whole lot of Chinese botnets that send out spam
with random return addresses including yours, but they're not hard to
tell apart.

R's,
John



More information about the NANOG mailing list