In article <[email protected]> you write: >A little off topic, but is there any normative text in DMARC about the >authenticity of the reporting?
See section 7.2. It seems like there ought to be normative >text that the report should have a valid DKIM signature from the domain >reporting. I've been getting DMARC reports for nearly a decade and do not ever remember getting one that looked fake. What would be the point? I don't see this as a problem that needs solving. It's a good idea for your reports to be aligned but only to prevent useless reports and the failure loops that some people were complaining about. R's, John _______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
