As long as the organizational domain you want reports for is the same as you have published in the DMARC RUA/RUF "mailto" tags, then no, you do not need it to be able to receive said reports.
- Mark Alley On Thu, Feb 16, 2023, 7:47 PM H <age...@meddatainc.com> wrote: > On February 16, 2023 6:37:42 PM EST, Mark Alley via mailop < > mailop@mailop.org> wrote: > >You only need to create that record if you are sending the > >aggregate/failure reports for a particular domain that is different > >from > >the one the reports are actually on behalf of. > > > >So for example, if you owned domain1.com and wanted to send RUA/RUF > >reports > >for domain1.com to a mailbox at domain2.com (assuming you own domain2), > >you > >would need to create the TXT record in domain2 - > >"domain1.com._report._ > >dmarc.domain2.com" IN TXT "v=DMARC1;" > > > >If you're using an external third party for report analysis, usually > >they > >have a wildcard published in their DNS for this "_report._dmarc" > >subdomain, > >so you don't have to worry about it in that case. > > > > > >- Mark Alley > > > > > >On Thu, Feb 16, 2023, 4:14 PM H via mailop <mailop@mailop.org> wrote: > > > >> On 02/11/2023 07:42 PM, H wrote: > >> > >> On 02/11/2023 01:55 AM, Gellner, Oliver via mailop wrote: > >> > >> > >> On 2023-02-11 02:51 H via mailop wrote: > >> > >> > >> On 02/10/2023 10:13 AM, Gellner, Oliver via mailop wrote: > >> > >> On 2023-02-10 04:08, H via mailop wrote: > >> > >> I now did find that resource but it is written as general information > >and does not really tell how to get it going with IONOS if they run the > >email server... > >> > >> As far as I understood you not only use Ionos as your registrar, but > >also use their email server to send your email through. Ionos does not > >DKIM sign emails on behalf of its customers, at least they didn't do so > >in the past. So the answer is simple: You do not set up DKIM or DMARC > >at all, because you can't. > >> The instructions given by Ionos are only valid if your email is sent > >and signed by some other server and you want to add the DKIM public key > >to your domain hosted at Ionos. > >> > >> -- > >> BR Oliver > >> > >> Thank you, you are starting with the first issue, ie whether I can > >even > >> have a DKIM record given that the domain is hosted by Ionos as is the > >mail > >> server. Upon my additional research I have come to the same > >conclusion as > >> you, ie not possible. > >> > >> By the way, I stumbled across this posting on the net - > >> > > > https://serverfault.com/questions/1030262/record-dkim-on-ionos-makes-sense > >> - that as far as I can tell is still true. > >> > >> So, I will now look at creating a DMARC record given that I have > >> previously created a SPF record and will not be able to have a DKIM > >record. > >> > >> I recommend against setting up a DMARC record with a policy of > >quarantine > >> or reject as long as DKIM signing isn‘t in place. The SPF > >authentication > >> will break for all forwarded messages as well as for all automatic > >replies > >> or non-delivery reports. It will do mire harm than good. > >> Of course if you‘re interested in the reporting you can create a > >DNARC > >> record with a none policy and only change that after you have moved > >to a > >> different email provider who supports DKIM. > >> > >> — > >> BR Oliver > >> > >> ------------------------------ > >> dmTECH GmbH > >> Am dm-Platz 1, 76227 Karlsruhe * Postfach 10 02 34, 76232 Karlsruhe > >> Telefon 0721 5592-2500 Telefax 0721 5592-2777 > >> dmt...@dm.de <dmt...@dm.de> * www.dmTECH.de <http://www.dmtech.de> > >> GmbH: Sitz Karlsruhe, Registergericht Mannheim, HRB 104927 > >> Geschäftsführer: Christoph Werner, Martin Dallmeier, Roman Melcher > >> ------------------------------ > >> Datenschutzrechtliche Informationen > >> Wenn Sie mit uns in Kontakt treten, beispielsweise wenn Sie an unser > >> ServiceCenter Fragen haben, bei uns einkaufen oder unser dialogicum > >in > >> Karlsruhe besuchen, mit uns in einer geschäftlichen Verbindung stehen > >oder > >> sich bei uns bewerben, verarbeiten wir personenbezogene Daten. > >> Informationen unter anderem zu den konkreten Datenverarbeitungen, > >> Löschfristen, Ihren Rechten sowie die Kontaktdaten unserer > >> Datenschutzbeauftragten finden Sie hier > >> > >< > https://www.dm.de/datenschutzerklaerung-kommunikation-mit-externen-493832> > >> . > >> > >> > >> _______________________________________________ > >> mailop mailing > >listmailop@mailop.orghttps://list.mailop.org/listinfo/mailop > >> > >> I see. As I am sure everyone has noticed, I am a complete newbie to > >> SPF/DKIM/DMARC (and a lot of other things.) > >> > >> Understanding your message, creating a DMARC with "none" policy would > >not > >> have any downside? When you say "reporting", what type of reporting > >would > >> that be and how could I benefit from such reporting? > >> > >> I have created a DMARC record and checked that it is correctly set up > >on a > >> DMARC check site. I understand that in order to receive these reports > >I > >> also need to create a EDV record among my domain DNS settings? > >> > >> Googling around I have not found any clear instructions on how to do > >so? > >> > >> At this time my understanding is that I need to create another TXT > >record > >> where the host field would contain "mydomain.com._report._ > >> dmarc.mydomain.com" and the value field would contain "v=DMARC1". > >> Mydomain above would of course be replaced with the actual domain > >name. > >> > >> Thanks. > >> _______________________________________________ > >> mailop mailing list > >> mailop@mailop.org > >> https://list.mailop.org/listinfo/mailop > >> > > Since I will be analyzing the data myself, no third-party involved, I do > not this type of record, correct? >
_______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
