It appears that Daniel K. <[email protected]> said: >I regularly get reports from [email protected], that are DKIM >signed by yahoo.com, on behalf of all the other yahoo ccTLDs and their >other domains. > >The "Submitter" field in the subject identifies the domain the report is >from, and the attachment filename starts with this same domain as well. >(e.g. yahoo.no) > >But how can I know that [email protected] speaks on behalf of >yahoo.no, aol.com, rocketmail.com, etc.?
Yahoo is an outlier here sending separate reports for different hosted domains. Personally, I don't think I've ever seen a fake aggregate report, and it's hard to imagine e plausible reason for sending one, so I don't worry about it. Or you can use DKIM the way we originally intended and observe that yahoo.com has a generally good reputation so you'll accept the reports they send. You probably also get reports from google.com that include mail sent not just to google.com or gmail.com but the gazillion private domains they host. You can't even tell what recipient domains they purport to be reporting. R's, John _______________________________________________ dmarc mailing list -- [email protected] To unsubscribe send an email to [email protected]
